CCNP ROUTE
   CCNA Recap
   EIGRP authentication
   Neighbor discovery
      Neighbor table
      Topology table
   EIGRP and Frame Relay + other topics
   Changing the metric
   Successor and feasible successor
   Speed up convergence
   Load balance
   Route filtering
   Route summarization
   Default candidate route
   CCNA Summary
   OSPF packets
   OSPF neighborship in LAN
   Types of LSA
   Database Exchange Process
      Database Exchange without DR
      Database Exchange with DR
   OSPF route selection
   OSPF Route Filtering
   Manual summarization
   Default route
   OSPF virtual link
   OSPF neighborship in WAN
   OSPF and Frame Relay
Integrated IS-IS 
      IS-IS metric
      Short spanning tree, SPT
      Hello, LSP and SNP
  IS-IS addressing
Route redistribution
  EIGRP Redistribution
  OSPF Redistribution
  Redistribute into IS-IS
  Redistribution filtering
  Multiple router redistribution
  Backup interface
Route policy
  Path Attributes: AS_PATH
  eBGP neighborship
  Network command
  iBGP neighbor relationship
  BGP filter
  Advantages of IPv6:
  DHCP and NDP
  Types of IPv6 addresses and some protocols
  Configuring IPv6 address
  Changes in routing protocol
    RIP next generation, or RIPng, is the IPv6 version RIP.
    EIGRP for IPv6 differs from EIGRP for IPv4 by
    OSPFv3 is the IPv6 version of OSPFv2
    IS-IS for IPv6
    BGPP4+ for IPv6
    Redistribution and static routes
  Migration and tunnel
     Dual stack
Branch design and WAN
  Basic terminology
  Connecting with IPsec
  Connecting with DSL
  Connecting with VPN
  Multicast MAC and IP address
  Multicast solutions
  Versions of IGMP
  Implementing multicast
     Multicast routing protocol

CCNA Recap

 Like OSPF, EIGRP also recognize other neighbors through Hello (update) messages with
matching criteria. These messages are sent at and both routers need to have 1)
same ASN, 2) reside in the same subnet, 3) same K value, and 4) same authentication.
 As soon as these criteria are checked, a router becomes the neighbor. Then, 2 neighbors can
begin exchanging information.

 EIGRP has Hello interval and Hold Timer (= OSPF Dead interval) for Hello messages.

  EIGRP also have neighbor table (show ip eigrp neighbor), topology table (show ip eigrp
topology), and routing table (show ip route). The neighbor table contain all the possible next-hop
router without knowing anything else about the route (distance-vector).

  EIGRP Update messages are send when a router needs to convey topology information to
multiple routers (in case of single router, unicast address is used instead). These messages are
transported using Reliable Transport Protocol (RTP, Cisco proprietary), which can resend packet
if lost.
  Update messages can be Full or Partial updates, with full updates (containing the entire
routing table) only send when a router first comes up.

  Metric of EIGRP is (by default) based on bandwidth and delay (manually configurable with
ʻbandwidthʼ and ʻdelayʼ interface command) or can include load and reliability, although these
are strongly discouraged for the sake of metric stability.

  RD, or AD is the distance from the next-hop router to the destination, while FD is the distance
from this router to the destination. FD is the metric of successor route. Feasible successor
FD = ((107/slowest-bandwidth) + delay) * 256; both can be set with ʻbandwidthʼ and ʻdelayʼ.

  When the successor route fails, there are 2 options. If the router has feasible successor, it will
be used. If no feasible successor is present, DUAL algorithm is ran to find a new loop-free route
to the destination and add it to the routing table. The algorithm simply test the current, viable
routes to the destination (like a ping) using a query message and wait for a reply message.

  In essence, EIGRP support manual summarization at any router, support multiple routed
protocols (IP, IPX, and AppleTalk), each independent of each other; convergence takes less
than 10 seconds (sometimes even faster). However, EIGRP is Cisco proprietary.
  In a routing table entry, (FD/RD)

 If IGRP is ran in the same AS as EIGRP, the 2 can automatically redistribute routes.


 You can input either host address or network address for ‘network’ command in EIGRP.
 EIGRP uses IP protocol type 88.
 EIGRP uses protocol-dependent module (PDM), which means different routed protocol’s
EIGRP is processed independently. Different tables are maintained.

 When using RTP, the router needs to know how many other routers exist, so it knows how
many acknowledgements to expect. Using the neighbor table, if a multicast is not replied by
a neighbor, a unicast copy is send, repeatedly (16 times), until the router gives up and
neighbor is removed from the table (declared dead).

 RTP protocol send packets with sequence number so the latest information can be passed
around. Hello and ACK don’t require RTP, while Update, Query and Reply does.


 EIGRP may sometimes fail to recognize the down state of a neighbor; in this situation, the
Hold Timer (15 s for LAN, 60 s for Frame Relay, and 180 s for slow WAN links) is the
mechanism to recognize the problem.
 Other than Hold Timer, EIGRP may also implement Bidirectional Forwarding Detection
(BFD) to recognize failure of links.

 In EIGRP, the Hello Interval and Hold Timer may change on a per-interface basis by
applying ‘(config-if)#ip hello-interval eigrp ASN TIMER’ or ‘(config-if)#ip hold-time eigrp
ASN TIMER’, where TIMER is the value you would like to configure the timer.
 Changing the hold time doesn’t change the hello time.

  If 2 routers (in a neighbor relationship) has different Hello and Hold Timer, with R1 having
the smaller values, R2 MUST have a Hello Timer less than R1’s Hold Timer. This way, before
R1’s Hold Timer expires, R2 will be able to send Hello messages to R1, to maintain their
neighbor relationship.
  However, if the timer values differ, and R2 has a Hello Timer greater than R1’s Hold Timer,
the neighborship continues to fail and recover, flapping routes in and out of routing table.
‘show ip eigrp interface TYPE NUMBER detail’ expose the Hello Timer, but remaining Hold
Timer is displayed in ‘show ip eigrp neighbors’.

 It’s suggested that Hello interval and Hold timer should be set in a 1:3 ratio.

EIGRP authentication

 EIGRP authentication is based on PSK generating a MD5 digest, Hello messages are
authenticated, this means if authentication fails, neighbor will not be formed. To configure
authentication, you need to create a key chain and enable it:
1. Create authentication/key chain by ‘(config)#key chain NAME’; this name doesn’t have to
   match for neighbors and contain many keys in one chain.
2. Create one or more keys using ‘key NUMBER’, where NUMBER is used to identify which
   key to use; again, this doesn’t have to match for neighbors.
3. Define key value (password) with ‘key-string PASSWORD’; the value MUST match.
4. (optional) define lifetime for both sending and accepting each key string with ‘accept-
   lifetime start-time {infinite | END_TIME | duration SECONDS}’ or ‘send-lifetime start-
   time {infinite | END_TIME | duration SECONDS}’. This means the key value is only valid
   for some time instead of all the time.
5. Enable MD5 authentication with ‘(config-if)#ip authentication mode eigrp ASN md5'.
6. Then choose key chain to use with ‘(config-if)#ip authentication key-chain eigrp ASN
   NAME’, where NAME is the name of the key chain.
NOTE: when you send EIGRP message, the key with lowest key number is used.
 Key number must match between routers to form neighborship
 If R1 try to match the latter (in situation of 2 or more keys in the key chain) to check on
authentication, R2 can't establish authentication check regardless whether it had the
correct/wrong password, matching/unmatching key number/chain.

 Check with ‘show key chain’ and ‘debug ip eigrp packet’ commands. ‘missing
authentication’ means no MD5 digest is included, while ‘invalid authentication’ means a key
string mismatch.

 Neighboring EIGRP routers that use authentications should be configured to use NTP to
synchronize the clock. In a lab, you can set the time with ‘#clock set’ command.

Neighbor discovery

  When you would like to advertise a route connected to this router interface, but try not to
find a neighbor (such as LAN interface with no other routers), you may choose to take one
of these options:

1- Enable interface to advertise with ‘network’ command, while disable Hellos on interface
FastEthernet 0/0 with ‘(config-router)#passive-interface f 0/0’. You can also use ‘(config-
router)#passive-interface default’, which set all interfaces to passive-interface, then
UNpassive it with ‘(config-router)#no passive interface TYPE NUMBER’. ‘show ip eigrp
interfaces’ will display all the UNpassive interfaces.
  Configuring passive interface means the interface will receive the update (discarded to
prevent neighborship) but don’t send it.
  If configured with static neighbor, no update enter/leave interface.
  Network advertise all connected networks because every network match.

2- ‘redistribute connected’ RELAYS every network it is connected to, but there must be at
least one interface participating in EIGRP (or included in ‘network’ command) for routes to
be successfully redistributed; otherwise, the adjacency would even disappear. Same thing
apply to ‘redistribute static’.
  Since connected has AD of 0 and rest routing protocols have higher AD, you wouldn’t see a
change in the routing table.
  ‘redistribute connected’ + ‘network x.x.x.x’ = ‘network’ in external routes.

  EIGRP neighbor can be statically configured so router send unicast message (to neighbor’s
IP address, not RID) instead of flooding multicast Hellos. ‘(config-router)#neighbor IP_ADD
INT’ command specify neighbor’s IP address at IP_ADD and outgoing interface with INT. You
can set up multiple static neighbors.
  Note: this command only work if neighbor’s IP address is in the same subnet as exit
interface’s IP subnet. Once the command is configured, neighbor disappear from ‘show ip
eigrp neighbor. ‘network’ command is also necessary.

 When both routers (in a link) has the ‘neighbor’ command set, no traffic will pass from or
through that link. When only one router has it set, all its neighbors fail unless one neighbor
has a matching neighbor command set.
  In RIP, one-sided static neighborship will not cause problem reaching other routers. It has
format of ‘(config-router)#neighbor IP_ADD’.
        Static neighbor          Passive-interface          Static neighbor + passive-interface
  RIP  Multi + Unicast Not send/receive                     Unicast
 OSPF Unicast           No send/no receive/no advertised None
IS-IS                   Not send/not receive
EIGRP Unicast           Not send/not receive                None

Requirement                                                                            EIGRP OSPF
The routers must be able to send/receive IP packets to one another.                    Yes     Yes
Interfaces’ primary (not secondary) IP addresses must be in same subnet.               Yes     Yes
Must not be passive on the connected interface.                                        Yes     Yes
Must use the same ASN (EIGRP) or process-ID (OSPF) on the router configuration         Yes     No
Hello interval/timer, plus either the Hold (EIGRP) or Dead (OSPF) timer, must match.   No      Yes
Must pass neighbor authentication (if configured).                                     Yes     Yes
Must be in same area.                                                                  N/A     Yes
IP MTU must match.                                                                     No      Yes
K-values (used in metric calculation) must match.                                      Yes     N/A
Router IDs must be unique.                                                             No[1]   Yes

  You can change the way EIGRP configures its metric by changing some constants (value
that don’t change throughout the equation) by ‘(config-router)#metric weights’ command.
Mismatched k-value between neighbors prevent routers from becoming neighbors,
mismatch will be logged when using ‘show ip protocols’.
  In ‘show ip protocols’, ‘gateway’ in ‘Routing information source’ displays the interface that
connects to the network advertised by ‘network’ command. This doesn’t include the
loopback interface.
  Loopback interface will not have any peers.

 ‘metric holddown’ enables hold down timer as loop-avoidance measure
 ‘metric maximum-hops’ enable infinite hop count as loop-avoidance measure, maximum
configurable hops is 255
 RID is used in EIGRP to identify routers; duplicated RID will not prevent neighborship.

    ‘show ip eigrp traffic’ display statistics regarding EIGRP messages send/received.
    ‘show ip eigrp accounting’ display EIGRP RID and ASN

Neighbor table

    The neighbor table include:
-   Layer 3 address of neighbor + interface from which Hello (of that neighbor) is heard
-   Hold timer + Uptime (how long since the router first heard about neighbor)
-   Sequence number (of last packet send and received from neighbor)
-   Packets in Queue (high value indicate network congestion)
-   Retransmission timeout, RTO (time before retransmitting packet, if ack hasn't received)
- Smooth round trip time, or SRTT (take for a packet to take round trip)

Topology table

  The topology table include:
- Status of route (active or passive) + Status of Reply (whether the Query has a Reply)
- Status of Query (if send, another field that track) + status of update (has update been
- Prefixes, masks, interface, next-hop, feasible + advertised distance for every non-looping
  route to remote networks.
  These information are obtained through Update messages received

 When a route disappears, the router also contact its neighbors through Update message.
Query messages began to diffuse throughout the AS, but if no routes are found, the entry id
deleted from the routing and topology table.

EIGRP and Frame Relay + other topics

 In frame relay, neighborship can only form between 2 routers with PVC connecting them.

 In multiprotocol label switching (MPLS) VPN (Layer 3 service, perform routing), each
customer edge (CE) router is connected to MPLS at a provide edge (PE) router and forms a
EIGRP neighborship. PE routers communicate with each other using MP-BGP.

  In Metropolitan Ethernet (MetroE), routers connect each other using Ethernet links and see
each as in a big VLAN. This technology uses Virtual Private Wire Service (VPWS) for point-
to-point topologies, and Virtual Private LAN Service (VPLS) for multipoint topologies. EIGRP
neighborship can be form between all routers.

    Hello (5)      Update (1)        Query (3)      Reply (4)         ACK         Request
No RTP           RTP              RTP            RTP            RTP           No RTP
Multi/Uni-cast   Multi/Uni-cast   Multicast      Unicast        Unicast       Multi/Unicast
 Neighbor initialization, Hello(A), Hello(B), Update(B), ACK(A), Update(A), ACK(B)

  Update and ACK are used to exchange data topology, where Update contains the topology
information; ACK acknowledges the receipt of Update, it’s just an EIGRP packet with no data
and non-zero acknowledgement number. Update include: 1) prefix, 2) prefix length, 3)
metric factor, and 4) non-metrics (MTU and hop count).
  Note: MTU is used to tracked the minimum MTU you can use on the path.

 Request packets are used to get specific information from one or more neighbors and are
used in route server applications.

 Version: 0 OPCode: 1 (Update), 3 (Query),                Checksum [24 bits]
or 1 [4 bits] 4 (Reply), or 5 (Hello) [4 bits]
                                        Flags [32 bits]
                              Sequence: used by RTP [32 bits]
                                 Acknowledgment [32 bits]
                           Autonomous System Number [32 bits]
                            Type Length Values, or TLVs [32 bits]
 One TLV is parameter TLV that includes the K-values and the hold time.
TLV Type = 0x0001 (parameter) [16 bits]               Length: of the TLV [16 bits]
       K1                 K2                          K3                      K4
       K5              Reserved                          Hold Time [16 bits]

 Another TLV is internal route TLV
Type = 0x0102 (internal route) [16 bits]                  Length [16 bits]
                               Next Hop IP address [32 bits]
                                       Delay [32 bit]
                                     Bandwidth [32 bits]
                           MTU [24 bits]                              Hop Count [8 bits]
 Reliability [8 bits]  Load [8 bits]                       Reserved
Prefix Length [8 bits]                    Destination network [24 bits]
 Hop count defaults to a max of 100, but can be tuned to max of 255 with (config-
router)#metric maximum-hops’.

 One last TLV is the external route TLV to exchange external route information
                Type = 0x0103                                 Length [16 bits]
                               Next Hop IP address [32 bits]
                              Originating Router RID [32 bits]
                     Originating Autonomous System Number [32 bits]
                         Arbitrary Tag: redistribution tag [32 bits]
                                  External Protocol Metric
                   Reserved                    External Protocol ID [8 bits]     Flags
                                       Delay [32 bit]
                                    Bandwidth [32 bits]
                       MTU [24 bits]                                Hop Count [8 bits]
 Reliability [8 bits] Load [8 bits]                         Reserved
Prefix Length [8 bits]                     Destination network [24 bits]

 When new information arrives, the outgoing interface is associated with that neighbor and
delay (of this router) is added and recalculated. Bandwidth is changed to the slower of the 2
bandwidth, and update other items, such as load, reliability, MTU, and add 1 to hop count.

 EIGRP uses CUMULATIVE delay and LEAST-COST bandwidth. Note that using ‘delay’
command set delay in tens-on-microsecond, while ‘show’ commands display delay in
microseconds, making a tenfold difference (with ‘delay’ value 10 times bigger).

  EIGRP do not periodically flood updates.
  EIGRP uses split horizon on most interfaces by default. Split horizon means if the router
learns the best route for a network from an interface, the router will not advertise updates
about that network exiting from that interface.

 For point-to-point topologies, Updates and ACK are send using unicast address.
 For multipoint topologies, the central router will update using multicast, whereas the
connected routers reply with unicast ACK.

 Issues with multipoint interfaces using Frame Relay and EIGRP are caused by split horizon.
Specifically, these options have to be true:
1- 3 or more routers are configured as a part of a single subnet using Frame Relay
2- multipoint interfaces are used
3- permanently, or for a time, a full mesh of PVCs between routers do not exist.
  For instance, A and B are connected to C at C’s multipoint interface over Frame Relay. A
and B do not have a PVC link between them, and all routers are using EIGRP. EIGRP
neighborship will not be formed between A and B because no Hellos can be send.
  To make things worse, A and B can’t learn each other’s subnet due to split horizon. A
simple solution is to configure ‘(config-subif)#no ip split-horizon eigrp ASN’ on the
multipoint interface. If you are using RIP, use ‘(config-subif)#no ip split-horizon’ instead.
You can confirm your configuration using ‘show interface’ or ‘debug ip eigrp’ commands.

  Another problem for EIGRP in Frame Relay in the inability to multicast Hello messages
since Frame Relay block broadcast and multicast by default. A router can only generate all
the Update messages and encapsulate each with a unicast address. For a network with
many links, this may add much overhead to traffic.

 By default, a router consumes at most 50% bandwidth for EIGRP traffic, you can adjust
this with ‘(config-if)#ip bandwidth-percent eigrp ASN PERCENT’ or (config-subif)#; the
command HAS to be set in both mode. This way, the messages are buffered, then send out.

  Suggestion: set the bandwidth of PtP link as the CIR of the PVC
  Suggestion: the bandwidth MUST match for 2 routers connecting the same PVC
  When you have multiple PVCs, treat each one as PtP, meaning assign different bandwidth
to each other. In multipoint interface, the ‘bandwidth’ is equally divided over all links
  Set the bandwidth of multipoint link as number of PVC * lowest CIR. Since the total
bandwidth is divided to share between the number of links, EIGRP traffic is calculated based
on individual rate. E.g A and B are multilinked at C, which has total bandwidth of 2000
Kbps, if EIGRP is configured to take 30% of the traffic, then A has (2000 / 2) * 30% = 300
Kbps for EIGRP traffic.

  It’s possible for PVCs to work even if the total amount of CIR is greater than the access
rate. In frame relay, the excess traffic will be queued (if excess traffic is local) and if excess
traffic occurs in

 Know that ‘bandwidth’ is set per sub/interface (you can set a PVC/subinterface), so the
value has a maximum.

Changing the metric

 EIGRP metric can be changed by changing 1) its interface bandwidth, 2) its interface delay,
                                                    3) changing K-values, and 4) adding
Interface Bandwidth (Kbps) Delay (Microseconds)     metric using offset-lists.
Serial     1544                2000
                                                            When changing the metric factors of
GigibitE   1,000,000           10                         EIGRP, it is recommended that delay
FastE      100,000             100                        is changed instead of bandwidth since
                                                          ‘bandwidth’ effect many other factors
Ethernet   10,000              1000
                                                          as well (include SNMP statistics, QoS,
                                                          utilization, etc). Default setting is
listed on the left:

 When setting total bandwidth of PVCs to be greater than the access rate, PVCs can forward
normally when traffic is not heavy. But when each PVC is reaching its limit, packets will
begin to be dropped or the traffic has to slow down (with BECN and FECN in Frame Relay)
  Frame relay and Metro Ethernet installation often use an access link and have PVCs with
total CIR greater than the clock rate.
  In MetroE, shaping is typically applied when you are not using the entire link. Note that
this shaping applies to the entire router, not to its PVCs individually.

 Another way you can influence the metric is by changing the K-values with ‘metric weight
0 K1 K2 K3 K4 K5’ whereas Kn are replaced with its value. By default, K1 = K3 = 1 and K2
= K4 = K5 = 0. Changing K2, K4, or K5’s value include load and reliability in the calculation,
thus may cause route flapping and other problems.

 Offset list allow an engineer to add a value called offset, to FD of selected routes (by the
ACL). ‘(config-router)#offset-list {ACL_NO | ACL_NAME} {in | out} OFFSET
INTERFACE_TYPE INTERFACE_NUMBER’, Interface type and number is optional since the
router can match the network for all the routes it receives.
 ACL indicate the network/subnet to be searched by permitting it and interface type
number is where the ACL will be searched. The ACL must be a standard/named ACL.
 You will see the offset in action when you use ‘show ip eigrp topology’ (+ specific route)
the FD and (FD/RD) will be different, whereas FD is the FD before offset and (FD/RD) is the
FD after offset.

Successor and feasible successor

  Last section discussed how to change the metric calculations, this section discuss how to
converge faster. EIGRP uses the concept of successor and feasible successor, whereas
successors are placed into the routing table and feasible successor, and the feasible
successor runs DUAL to check if it’s loop-free.
  NOTE: feasible successor’s FD MUST BE LESS THAN (NOT EQUAL TO) successor’s RD.
  To verify feasible successor of a route, use ‘show ip eigrp topology’ or ‘show ip eigrp
topology all-links’.

  However, if no FS is present when successor fails, DUAL is ran to discover a loop-free
route; this is called going alive on a route.
  Routes for which the router has a non-loop successor route and no failure has yet occurred
remains in a passive state. Routes for which the successor route fails, with no feasible
successor routes, move to an active state. In this state,
- The route is designated with A in ‘show ip eigrp topology’ command.
- Query messages are send to every neighbor except the failed neighbor (also known as the
  successor route), asking for a route to that specific subnet.
- Neighbors that consider themselves being passive for that subnet (have route to that
  subnet and is active and loop-free) will 1) not forward Query messages, and 2) send a
  Reply message to tell the original router about the route.
- Neighbors that are active (do not have a route to that subnet) 1) flood Query messages to
  all its neighbors, 2) waiting for its neighbors Reply message (indicating some neighbors
  know about the subnet). The routers waits for all the Reply messages from the
  neighboring routers, then send a Reply back to the original router. If no routes can be
  found, an ‘unreachable’ message is send.
- The original router then decide which path it will choose and confirm whether it’s loop-free
  or not.
  Before any EIGRP neighborship is established, the routing table contains all subnets listed
in ‘show ip route connected’ and subnets redistributed from other routers.
  Split horizon is used in Query process to prevent loops.

Speed up convergence

 This method takes less than 10 seconds of convergence in a small network. In a large
network with many routers, it may be inefficient. The solution is either 1) stub routers, or 2)
router summarization.

 Stub router is a router that should not forward traffic between 2 remote EIGRP-learned
subnet. This is like a non-ABR or ASBR router in OSPF.

 Stub routers do not advertise EIGRP-learned routes from one neighbor to another. Non-
stub routers show which router is or is not a stub and do not forward Query messages to
stub routers (cause stub routers reply with “inaccessible” message). However, stub routers
will form neighborships with non-stub routers.

 Stub routers are configured by ‘eigrp stub’ command, parameters include:
Parameter      Default Combined Description
receive-only   Off     No          (optional) Prevents the router from advertising routes.
connected      On      Yes         (optional) advertise connected routes; may need ‘redistribute
                                   connected’ if the subnet is not included in ‘network’
static         Off     Yes         (optional) Permits redistribution of static routes with
                                   ‘redistribute static’ if subnet isn’t included in ‘network’
summary        On      Yes         Advertises summary routes.
redistributed Off                  Advertises redistributed routes, if redistribution is configured.
 Default stub options are connected and summary, only the exact match will be send. Stub
options are displayed in ‘show ip eigrp neighbors detail’

  ‘redistribute connected’ is a command that changes connected routes to be used by other
types of routing, such as routing protocol. (because connected route is not part of dynamic
routing process) However, since connected has AD of 0 and rest routing protocols have
higher AD, you wouldn’t see a change in the routing table.
  ‘redistribute static’ command does the same thing but for static routes.

 Summarizing routes is another way to reduce Query messages. If a router encounters a
Query message that asks for a subnet INCLUDED in one of its summary routes, it will send
an EIGRP Reply message immediately and doesn’t flood the Query message.

  IOS can set a timer to limit how long it take to receive Reply messages (in a large network
with many routers); the active timer is set default to 3 minutes (you can change this with
‘(config-router)#timers active-time MIN’. Routes that didn’t reply within the timer is
considered Stuck-in-Active (SIA) routes.

 Older IOS bring down the neighborship to the router where SIA routes comes from. From
IOS 12.2, a SIA-Query is send at half-time of the timer to the yet replying routers. If a reply
is heard back, the neighborship is still working, if no reply is heard back, the neighborship is

Load balance

 When you are using load balancing, whether equal cost or not, actually speed up
convergence so that one link going down, the other just working as normal.

  ‘(config-router)#maximum-paths NO’, with a default of 4 routes (in older routers, 6 is
max, while in new routers, max is above 16), configures the number of EIGRP routes to use,
then, depending on whether unequal cost load balance is used, ‘variance’ command takes
place (variance 1 disables unequal sharing; max 128). These commands can be verified by
‘show ip protocols’.
  In EIGRP, unequal sharing traffic is distributed equally so different-speed link are assigned
different load. WARNING: in a latency sensitive environment, setting ‘variance’ too high can
cause lost of data.

  When routes have been added to the routing table, the router can 1) send the traffic
proportionally, lower metric routes take more packets, or 2) all traffic is send over the
lowest-metric route, other routes are just there for faster convergence.

Route filtering

  This method enables the engineer to decide which routes are advertised in an EIGRP
update; this also decrease the size of the routing table. This is done with ‘(config-
router)#distribute-list’ command and 1) ACL, 2) prefix list, or 3) route maps.
Here is complete command:
‘distribute-list {ACL_NO | ACL_NAME} in [type_NO]’
‘distribute-list {ACL_NO | ACL_NAME} out [INT | ROUTE_PRO | ASN]

  When performing route filtering with ACL, permit statements allow route to be advertised,
while deny statement filters the route. This is done with ‘distribute-list ACL_NO {in | out}
[INT_TYPE INT_NO]’, whereas interface can be omitted to apply the ACL to all the
interfaces’ inbound or outbound traffic.
  If only routes from are allowed, actually fit.
  ‘gateway’ keyword can be used to allow/filter routes to that specific interface.

 Prefix list examine both (a range of) prefix and (a range of) prefix length. Prefix list is
more flexible than standard ACL and operate much faster than ACL. Prefix = route prefix =
subnet number = network address | Prefix length = subnet mask

 A prefix list is created in global configuration and has a sequence number to be edited. The
command looks like ‘(config)#ip prefix-list NAME [seq NO] {deny | permit PREFIX/PREFIX

1- A route’s prefix HAS to be within the range implied by prefix/prefix length.
2- The route’s subnet mask MUST match ranges of prefixes implied by PREFIX-LENGTH, ge,
and le parameters.
 ge(greater-than-or-equal-to) and le(less-than-or-equal-to) parameters are optionally.
NOTE: ge MUST be greater than the set prefix length, while le MUST be less than 32
   Parameter               Equation                                  Example
Neither        Prefix-length = CIDR            ip prefix list permit, CIDR = 8
Both           ge < CIDR ≤ le                  ge = 10, le = 13, CIDR = 11, 12, 13
Only ge        ge < CIDR ≤ 32                  ge = 28, CIDR = 29, 30, 31, 32
Only le        Prefix-length ≤ CIDR ≤ le       le = 10, prefix-length = 8, CIDR = 8, 9, 10
 Permit le 32 (in prefix list) = permit any (ACL)
 Deny ge 30 le 30 -> denies any route with /30 CIDR

 E.g (config-router)#distribute-list prefix R1 out -> where R1 is the name of prefix list.

  Route maps provide logic similar to if/then/else in programming language. A single route
map has one or more route-map commands in it, and routers process route-map commands
in sequential orders based on sequence numbers (added automatically or manually).
  Each command has underlying matching parameters configured with ‘match’ command. To
match all routes, simply omit ‘match’ command. Earlier entries have more precedence over
later ones.

 Route maps have commands like ‘route-map samplename deny 10’, then ‘match ip address
prefix-list ABC’ or ‘match ip address 1’. This causes subnets that matches the criteria of ACL
1 or prefix-list ABC to be discarded. For instance, if (in prefix-list ABC) is
permitted by the prefix list, its route will not show up because route maps have denied it.
 ‘show route-map’ will display related statistics.

  Here are some important points:
- route-map commands with the permit option either cause a route to be allowed through
  (if matched by the match command) or remain in the list of routes to be examined by the
  next route-map clause.
- route-map commands with the deny option either filter the route (if matched by the
  match command) or remain in the list of routes to be examined by the next route-map
- If a clause’s match commands refer to an ACL or prefix list, and the ACL or prefix list
  matches a route with the deny action, the route is not necessarily filtered. Instead, it just
  means that route does not match that particular match command and can then be
  considered by the next route-map clause.
- The route-map command includes an implied deny all clause at the end; to configure a
  permit all, use the route-map command, with a permit action, but without a match

Route summarization

 Route summarization differs from route filtering in that it reduce the routing table size BUT
do not affect the reach-ability of the route; EIGRP automatically summarize at classful
network boundary, but support manual summarization in every router.
 Route summarization reduces the Query Scope, this means unnecessary Query messages
are not flooded.

 Tradeoffs: cause suboptimal routing
            Packets destined for inaccessible subnets included in the traffic
 Suggestion: when planning a new part of a network, first assign the summary address to
the edge router, then assign address within the summary address to other devices.

 If there are multiple routes to the summarized subnet, the route with the lowest metric is
displayed and the other set up as backup route (or load balance if configured).

 A summary route is considered up and working unless all the routes to it has failed. This
uses ‘(config-if)#ip summary-address eigrp ASN PREFIX SUBNET_MASK’ on the interface
connected to the summarized subnets. Here is what happens:

- This router bring down all EIGRP neighborship on which the subordinate routes are
  configured, then up. This means a new set of topology table is exchanged (remember that
  the entire topology table is exchanged when a router starts up).

- This router advertises the summary route on the basis that this router ALREADY has a
  route to one of the subnets included in the summary route. No subordinate routes are
  advertised, which means subnets whose address ranges are within the summary route are
  not advertised.

- A route with exit interface of Null0 is added to the routing table. Null0 is a logical interface
  that acts as a trash can to delete all packets for subordinate routes contained in the
  summary route but not actually present. Performing a ‘show ip route IP_ADDRESS’
  command will show you whether a packet to this route will be discarded.
Note: if a packet matches a more specific route than the summary route, the packet is
forwarded. If the packet ONLY matches the summary route, it will be discarded. This is why
the automatic summary route has a exit interface of Null0; such a route is also called
discarded route.

Summary route has AD = 5 on local router, but neighbor only summary route with AD = 90

 EIGRP doesn’t automatically summarize external routes unless there is a subnet of the
same major network that is an internal route.

 When a router has multiple working interfaces, and those interfaces use IP addresses in
different classful networks, the router advertises a summary route for each classful network
on interfaces attached to a different classful network.

 Contiguous network: A single classful network in which packets sent between every pair
of subnets will pass only through subnets of that same classful network, without having to
pass through subnets of any other classful network.
 Discontiguous network: A single classful network in which packets sent between at least
one pair of subnets must pass through subnets of a different classful network.

 When routers belong to the same classful network summarizes, other router wouldn’t not
be abled to decide which router to forward the packet; maybe load balance can be used, but
only 1 copy of the message is distributed between 2 routers, causing partial loss to the
entire message. 2 solutions exist, 1) ‘no auto-summary’, or 2) stop using discontiguous
network (also for classful routing protocols).
 To discover whether EIGRP is currently using auto-summarization, use ‘show ip protocols’

Default candidate route
 There are many ways to configure default candidate routes in EIGRP, which the router will
choose the best to be the default route. However, if you don’t wish to advertise this route as
a default route, but still advertise it, use ‘default-information {in | out} [ACL_NO]’
command or ‘no default-information allowed in’ command to disable default routes from
that ASN and treat them as normal routes. There 4 ways to create a default candidate route

1) Define a ‘ip route’ followed by the next-hop router or exit interface (such
   as ‘null0’). Then advertise this route by ‘network’ (if this route fail, an Update will
   be sent). The route will be shown as internal EIGRP route.

2) If defined with ‘ip route’ followed by next hop, then advertised with
   ‘redistribute static’, the route shows as an external EIGRP route (EX).

3) ‘ip route’ + ‘eigrp stub static’ (optionally with ‘eigrp stub redistributed’ if
   not included in ‘network’) = candidate default internal EIGRP route.

4) Use a summary route as a default route by ‘ip summary-address eigrp ASN’ then advertise it, this default route will be shown as internal EIGRP route.

5) Flag an existing route to a classful network (because the subnet mask should be the
   same in all networks). Then advertise as the default route by ‘ip default-network
   NET_ADD’ command. Only an interface needs to participate in EIGRP for advertisement
   of this route, and that interface doesn’t have to include the classful route. It’s
   recommended to use a virtual interface if you don’t use a full classful network address
   between your Internet router and ISP router.
 A routing protocol is not required.
 You can only use ‘no default-information [allowed] {in | out}’

CCNA Summary

 Link state routing protocols include OSPF and IS-IS. Routers using OSPF is identified by a
Router ID (RID) in the entry of Link-state database (LSDB). RID has the same format as an IP
address, which can be automatically selected, or manually set. RID can be configured by
1)use ʻrouter-idʼ + RID after ʻrouter OSPFʼ + P_ID.
2)If above step no used, any loopback (always up/up virtual interface) address [ʻinterface
  loopbackʼ + number, then ʻip addressʼ command] with the highest numeric IP address is used.
3)If above steps are not used, the router picks the highest IP address (out of all its up/up
RID is chosen when the IOS is initially loaded. New, better address WONʼT take over after
OSPF is restarted by ʻclear ip ospf processʼ then ʻreloadʼ the router.

 After OSPF RID has chosen and interfaces come up, this router become neighbors with other
routers if they are connected to the SAME subnet. To discover OSPF neighbors, an OSPF send
Hello packets out and IP protocol type 89. LSAs are send out

  To form a neighbor relationship, both routers must have these criteria match:
- Subnet mask and subnet number (network address)
- Hello (10 sec by default) and dead (= 4* Hello) interval; if dead timer is up, a router is marked
  down and converge.
- OSPF area ID (Cisco suggest ≤ 50 routers in an area; AID ranges from 0 to 4,294,967,295.)
- Value of stub area flag
- Authentication password (if there is one)

  When discover other neighbors, the routers run SPF algorithm to fill their routing table. In the
beginning, both Router A and B are Down. If router A receives Router Bʼs Hello message (with
Router A not on the list of neighbors) and decide that Router B can be a neighbor (all criteria
meet), Router A adds Router B to the list of OSPF neighbor (a field in the Hello message) [this is
initialization]; this is two-way state for neighbors.
  Neighbors are kept track in a routerʼs neighbor database; use ʻshow ip ospf neighborʼ

 After both routers (in a link) recognize others, they began exchange their LSDB, which MUST
be the same for routers forming neighborship. The exchange of LSDB is done differently for
different topologies; in CCNA, only PtP and broadcast are considered. The topology of the
routers can be manually set with ʻip ospf networkʼ following the type.

 PtP topology refers to 2 routers that are directly connected (or the subnet has only 2 routers) to
each other. In this case, LSDBs are DIRECTLY advertised and updated between the routers
until they both become fully adjacent.

 On the other hand, if you were to exchange information for 10 routers on the same subnet, you
would be overwhelmed with the load of the traffic. In this case (multiple routers on the same
subnet), you need a Designated Router (DR) that act as the boss that distribute the information
to ALL the employees; the employees are NOT allowed to talk to EACH OTHER. DR has a
Backup called BDR. All other routers are known as DROther.
  When multiple routers exist, priority value of a router (usually) decide the DR and BDR. This
value range from 0 to 255, with 0 never considered for election.
- The router with the highest OSPF priority becomes DR, if priority ties, highest RID wins.
- If a new, better candidate comes along, no challenge is presented to the old DR and BDR.
- The router with second highest OSPF becomes BDR, if priority ties, second highest RID wins.
  After routers decide to exchange their LSDB, they send a list of LSAs to their neighbors asking
if they already have the LSAs. If yes, no further exchange is needed. If no, this router send the
missing LSAs to the neighbor.

 When a neighbor has all the LSAs, a neighbor is considered in a Full state. Hello messages
are still send, but if a neighbor is down (detected by the dead interval), the routers converge and
resend the necessary LSAs. Note that every LSA is flooded every 30 minutes, regardless of the
state of the router. However, each LSA has its own flooding period, instead of sending all LSAs
at once.

  LSAs ARE RECORDED IN ROUTERʼs LSDB, or OSPFʼs topology database; shown with
ʻshow ip ospf databaseʼ command. A LSA contains an entry for each known routerʼs RID, its
interface, IP address, mask and subnet, as well as all the routers reachable from that router.
SPF algorithm can pick the route with the least cost and place it in the routing table with ʻshow
ip routeʼ.

 In large networks, OSPF can be a pain in the ass since so many routers need configuration. A
viable solution is logically cut the network into smaller, logical divisions called areas. Area-
Border Routers (ABR) lies between areas and facilitate communication between routers by
manually-summarize the routes (thus reduce the number of routes). ABR belongs to both areas
and require more memory and CPU since it process routes about both areas.
Term                   Description
Autonomous System    An OSPF router that connects to routers that do not use OSPF for the purpose
Border Router (ASBR) of exchanging external routes into and out of the OSPF domain.
Backbone router        A router that has at least one interface in area 0
Internal router        A router in a single nonbackbone area.
Backbone area          A special OSPF area to which all other areas must connect. Area 0.
External route         A route learned from outside the OSPF domain and then advertised into the
                       OSPF domain.
Intra-area route       A route to a subnet inside the same area as the router.
Interarea route        A route to a subnet in an area of which the router is not a part.
Autonomous system      A set of routers that use OSPF; routers in the same network have same AS

 To configure OSPF,
Step 1. Enter OSPF configuration mode for a particular OSPF process using the router ospf
        process-id global command. Process-ID can range from 1 to 65,535.
Step 2. (Optional) Configure the OSPF router ID by:
        a. Configuring the router-id id-value router subcommand.
        b. Configuring an IP address on a loopback interface.
Step 3. Configure one or more network ip-address wildcard-mask area area-id router
        subcommands, with any matched interfaces being added to the listed area.
Step 4. (Optional) Change the interface Hello using (config-if)#ip ospf hello-interval time and
        Dead intervals with (config-if)#ip ospf dead-interval time
        Retransmit (for LSA if no acknowledgement is heard) interval with (config-if)#ip ospf
        retransmit-interval TIME
Step 5. (Optional) Impact routing choices by tuning interface costs as follows:
        a. Configure costs directly using the ip ospf cost value interface subcommand.
        b. Change interface bandwidths using the bandwidth value interface subcommand.
        c. Change the numerator in the formula to calculate the cost based on the interface
        bandwidth, using the auto-cost reference-bandwidth value router subcommand.
Step 6. (Optional) Configure OSPF authentication:
        a. On a per-interface basis using the ip ospf authentication interface subcommand.
        b. For all interfaces in an area using the area authentication router subcommand.
Step 7. (Optional) Configure support for multiple equal-cost routes using the maximum-paths
        number router subcommand.
 ʻshow ip ospf interfaceʼ command list more detailed information about each interface.
 OSPF, by default, load-balance over 4 equal-cost paths; but it can support up to 16 routes by
configuration. This is also true for EIGRP

OSPF packets

This is the OSPF header in front of all OSPF packet
Version [8 bits] Type: 1=hello, 2=database description, 3=          Packet Length [16 bits]
                 request, 4=update, 5=acknowledgement[8 bits]
Router ID: don’t change unless reload or interface (of RID) is shut [32 bits]
Area ID
Checksum                                                            Authentication Type
Authentication: only valid for OSPFv2 [64 bits]
Authentication Type = 0 for null, 1 for plain text, and 2 for MD5

Hello packet
           Network Mask: unnumbered and virtual interface = [32 bits]
Hello Interval Options: bit 0 (support ToS), bit 1 (support T7 LSA), bit 2 (support MOSPF),
  [16 bits]         bit 3 (support NSSA), bit 4 (support T8 LSA), bit 5 (support Demand
                 Circuit), bit 6 (support Opaque LSA), bit 7 (prevent loop in VPN) [8 bits]
Router Priority [8 bits]           Router Dead Interval [32 bits]           DR RID [32 bits]
  BDR RID [32 bits]        Neighbor: RID of all neighbor Hellos [variable]

Database Description packets
Interface MTU = 0 if Options: see Options    Flags: bit 0 (master if on), bit 1 (on if there’s
virtual link [16 bits] in Hello [8 bits]   more packet in the flow), bit 2 (off if this is the
                                           first packet in the flow), bit 3-7 (all off) [8 bits]
     DBD Sequence Number: master increment to support continuous packet [32 bits]
               LSA Header: contain multiple headers, each 20 bytes [variable]
Link state request
   Link State Type: LSA type [32 bits]           Link State ID: more info for LSA [32 bits]
        Advertising RID [32 bits]                  Checksum            Authentication Type

Link state update
      Number of LSAs carried [32 bits]               Link State Advertisement [variable]

OSPF neighborship in LAN

  All the ‘network’ commands are configured so the most specific wildcard mask is listed first
in the configuration file.
  If area is not specified in ‘network’ command, the closest match to the IP address of that
router interface will become the ‘network’ command of that subnet. However, this is not

  Hello messages are distributed to interfaces that have meet:
- Enabled with ‘(config-router)#network PREFIX SUBNET_MASK [area A_ID]’ or ‘(config-
  if)#ip ospf P_ID area A_ID’
- Must not have ‘(config-router)#passive-interface INT_TYPE NO’ configured
Note: distributing Hello on an interface means OSPF is attempting to find a POTENTIAL
neighbor on that interface.
  By default, Hello sends to broadcast link every 10 s and nonbroadcast link every 30 s

  OSPF support bidirectional forwarding detection(BFD) using ‘ip ospf dead-interval minimal
hello-multiplier’ followed by a number n. This command (also set hello and dead interval)
set the dead interval to 1 second, and hello interval to 1/n second. Hello Interval is included
in ‘show ip ospf interface’ command.

 Neighborship will not form between routers with the same RID, however, other routers in
the same area may be confused because it sees two routers with the same RID. Note that
this router may have only 1 route, although to 2 routers with same RID, so information may
be delivered incorrectly. OSPF can’t start without RID.

  If routers experience a MTU mismatch, they will remain in ‘EXCHANGE’ or ‘INIT’ state
forever. MTU can be set ‘ip mtu' or ‘mtu'

 Router with N neighbors have N SPF tree
                        Interface                                       Area

Clear (config-if)#ip ospf authentication           (config-router)#area A_ID authentication
Text (config-if)#ip ospf authentication-key PASS   (config-if)#ip ospf authentication-key PASS

MD5 (config-if)#ip ospf authentication message-    (config-router)#area A_ID authentication
    digest                                         message-digest
    (config-if)#ip ospf message-digest-key         (config-if)#ip ospf message-digest-key
    KEY_NO md5 PASS                                KEY_NO md5 PASS
 Password MUST be less than 16 characters. Key number doesn’t have to match.
 If both are configured, interface commands take precedence.

 The type of keys generated can be detected in ‘debug ip ospf adj’ (everything), ‘show ip
ospf interface’ (which type of authentication), and ‘show ip ospf neighbor’ (whether a
neighbor survived authentication).

 OSPF don’t support key chains, if there are 2 keys, and every packet wants to used
authentication, there will be 2 copies of each packet send. When you have a new key, you
must delete the old one to prevent excessive traffic.
Types of LSA

Link State Age: 3600 sec by default [16 bits]    Options: same as Hello Options [8 bits]
           Link State Type [8 bits]           Link State ID: describe LSA network [32 bits]
        Advertising Router [32 bits]              Link State Sequence Number [32 bits]
       Link State Checksum [16 bits]                         Length [16 bits]

LSA Common Name           Description
1     Router              Each router creates its own Type 1 LSA to represent itself for each area it
                          connects to. Type 1 LSA lists the RID and all interface IP addresses on that
                          router that are in that area. Represents stub networks as well.
2     Network             One per transit network. Created by the DR on the subnet, and represents
                          the subnet and the router interfaces connected to the subnet.
3     Net Summary         Created by ABRs to represent subnets listed in one area’s type 1 and 2
                          LSAs when being advertised into another area. Defines the links (subnets)
                          in the origin area, and cost, but no topology data.
4     ASBR Summary        Advertises route to reach ASBR; generated and advertised by ABR
5     AS External         Advertise External routes; generated and advertised by ASBR
6     Group Membership Defined for MOSPF; not supported by Cisco IOS.
7     NSSA External       Created by ASBRs inside an NSSA area, instead of a type 5 LSA.
8     External Attributes Not implemented in Cisco routers.
9–11 Opaque               Used as generic LSAs to allow for easy future extension of OSPF; for
                          example, type 10 has been adapted for MPLS traffic engineering.

                                        20-byte LSA Header
0 [4 bits]    V = on if E = on B = on 0 [9       Number of Links: count of all router links [16
             virtual link if ASBR if ABR bits]                      bits]
                                 Link state identifier ID [32 bits]
                                        Link Data [32 bits]
                 Type [8 bits]                   Number TOS = 0                 Metric
                                   Starting from Link ID again...
Combination for Type, LSID, and Link Data
Description                      Type            LSID                         Link Data
Point-to-point numbered          1               Neighbors RID                Interface IP address
Point-to-point unnumbered        1               Neighbors RID                MIBII IfIndex value
Transit                          2               DR RID                       Interface IP address
Stub                             3               IP network address           Subnet mask
Virtual Link                     4               Neighbor RID                 Interface IP address

  Type 1, or Router LSA, is created and advertised by every router.
- Each internal router has one Router LSA, while each ABR has multiple Router LSAs, one for
  each area.
- Router LSAs are flooded throughout its (intended) area by sending a copy to all connected
- Each Router LSA include:
   ~ All the neighbors directly connected, Router Interface address is where the LSA is send/
                                     20-byte LSA Header
                                    Subnet Mask [32 bits]
    Attached Router: list of RID in the segment, including DR. One per header [32 bits]
  Type 2, or Network LSA, is created when a DR (+ BDR) is present; this is a NMBA
topology. DR and BDR are elected based on their priority (1 - 255; default 1), if tied, check
RID. If DR and BDR are elected and better routers comes along, no change will take place
until either DR or BDR fails.
  This type of LSA is used as a pseudo-node, which is multicasted into the subnet connecting
all the routers. DR generates Network LSA and flood it out the interface connected to the
subnet; the LSID is the DR’s interface (that connect to the subnet) RID.
  This LSA also show the routers directly connected to it.

                                      20-byte LSA Header
                                     Subnet Mask [32 bits]
        0                                       Metric [24 bits]
 TOS = 0 [8 bits]                           TOS Metric = 0 [24 bits]
  OSPF can model all the topology inside a single area using Type 1 and 2 LSAs. When a
router uses its SPF process to build a model of the topology, it can then calculate the best
(lowest cost) route for each subnet in the area.
  When LSAs are first received, they are immediately flooded to other neighbors before the
algorithm takes place.

 One Type 3 LSA contains one subnet and lowest-cost to reach it from this ABR.

 Type 4 LSA has the same format as Type 3, but contain information about ASBR instead.

  By default, Cisco IOS doesn't limit the number of LSA. It can be limited with ‘(config-
router)#max-lsa LSA_NO’. When exceeded, the router generates log messages. After 1
minute, OSPF take down all adjacency and clear the database. This is ignore state
(configured by ignore timer), no OSPF packets are sent/received by interfaces that belong
to the OSPF process. If the OSPF process remains normal for the time that is defined by a
reset-time parameter, the ignore state counter is reset to 0.

 The command to see all LSAs is ‘show ip ospf database [LSA_TYPE LSID]’, here is the
complete format: ‘show ip ospf database [router | network | summary | asbr-summary |
nssa-external | external | database-summary]

Database Exchange Process

 This process utilize 5 types of messages:
Message Name/number        Description
Hello (1)                  Used to discover neighbors, supply information used to confirm two
                           routers should be allowed to become neighbors, to bring a neighbor
                           relationship to a 2-way state, and to monitor a neighbor’s
                           responsiveness in case it fails
Database Description (DD   Used to exchange brief versions of each LSA, typically on initial topology
or DBD) (2)                exchange, so that a router knows a list of that neighbor’s known LSAs
Link-State Request (LSR)    A packet that lists the LSIDs of LSAs the sender of the LSR would like
(3)                         the receiver of the LSR to supply during database exchange
Link-State Update (LSU)     A packet that contains fully detailed LSAs, typically sent in response to
(4)                         an LSR message. Retransmit in 5 second if not acknowledged.
Link-State Acknowledgment Sent to confirm receipt of an LSU message. Contain common OSPF
(LSAck) (5)               header + list of LSA header

   OSPF uses Finite State Machine (FSM) to determine 8 neighbor states used to describe
the current state of each OSPF neighbor. Adjacency is established when routers have the
same LSDB.
State     Meaning
Down      No Hellos have been received from this neighbor for more than the dead interval.
Attempt   Used when the neighbor is defined with the neighbor command, after sending a Hello, but
          before receiving a Hello from that neighbor.
Init      A Hello has been received from the neighbor, but it did not have the local router’s RID in it
          or lists parameters that do not pass the neighbor verification checks. This is a permanent
          state when Hello parameters do not match.
2Way      A Hello has been received from the neighbor, it has the router’s RID in it, and all neighbor
          verification checks passed.
ExStart   Currently negotiating the DD sequence numbers and master/slave logic used for DD
Exchange Finished negotiating the DD process particulars, and currently exchanging DD packets.
Loading   All DD packets are exchanged, and the routers are currently sending LSR, LSU, and LSAck
          packets to exchange full LSAs.
Full      Neighbors are fully adjacent, meaning they believe that their LSDBs for that area are
          identical. Routing table (re)calculations can begin.

Database Exchange without DR

1. Down state: no messages send
2. INIT state: Hello Messages send
3. 2-WAY state: neighborship is confirmed with matching Hellos; neighbors are listed in the
   Neighbors List. Since no DR is present, exchange process will begin.
4. ExStart state: begins after first DD packet is sent to (unless ‘neighbor’
   command has set, making the DD unicast).
DD messages include LSID and LSA sequence number, which begin with 0x80000001 and
increment when changes have taken place. This way, LSAs contained by router and their
version can be used to determine whether the LSA will be send to the neighbor.
5. Exchange state: begins after Master is elected (router with highest RID). Master first
   send DD messages responded by the slave (whether it has the LSA or not). When master
   finishes, slave can update DD messages (LSA headers) that master doesn’t have.
When this state ends, routers know what LSA to send to neighbor and what LSA it wants the
neighbor to send to it.
6. Loading state: based on the above information, send LSR (link state request) for wanted
   LSAs. Neighbor reply with LSU (link state update), which contains the real LSA.
   Acknowledge receipt of LSU by 1) implicit acknowledgement, sending back the identical
   LSU, or 2) explicit acknowledgement message called LSA ACK.
7. FULL state: every router has the same LSDB.
Database Exchange with DR

 If the network type is either broadcast or NMBA, each non-DR router (including BDR), form
a neighborship with DR and exchange LSA with it; this way, DR acts as a pseudonode that
distribute information.
1. Down state: no messages send
2. INIT state: Hello Messages send
3. 2-WAY state: neighborship with DR and BDR is confirmed with matching Hellos;
   neighbors are listed in the Neighbors List.
4. ExStart state: begins when neighbor send first DD packet to; DR + BDR
   multicast address.
5. Exchange state: Master is always DR, regardless whether it has the highest RID or not;
   send DD messages of LSAs it know to slave at When master finishes, slave
   can update DD messages (LSA headers) that master doesn’t have.
6. Loading state: based on the above information, send LSR (link state request) for wanted
   LSAs. Neighbor reply with LSU (link state update), which contains the real LSA.
   Acknowledge receipt of LSU by 1) implicit acknowledgement, sending back the identical
   LSU, or 2) explicit acknowledgement message called LSA ACK.
7. FULL state: every router has the same LSDB.

 There are 2 types of neighborships that can be formed in OSPF: neighbors and full-
adjacent neighbors.
 In a PtP relationship where only 2 routers exist, both form fully-adjacent neighborship.
 In a NMBA, FULL state refers to the converged state between a DROTHER and DR or BDR,
while 2WAY refers to the relationship between non-DR and BDR neighbors.

  In an already formed neighborship, new LSAs are immediately forwarded out to connected
neighbors. In other words, they are forwarded out to other neighbors before LSAs are put
into the SPF algorithm; this is where link-state has more advantage in convergence time
than distance-vector.
  For a newly added connection, the new router first exchange LSAs with current neighbor.
Then, the current neighbor distribute the LSAs before calculate using SPF algorithm.

  Each LSA is reflooded every 30 minutes, regardless of changes made to it. Router
increments the sequence number, reset the timer, then reflood the LSA; if a router receives
a LSU with lower LSA sequence number (than its own), it will forward its copy of newer LSU.
  When a router realize it need to flush an LSA for LSDB, it set the MaxAge to 3600 seconds
then reflood the LSA. Other routers see the age is already at the maximum, causing those
routers to remove this LSA.
  LSA checksum is performed (according to each LSA) every 10 minutes

OSPF route selection

 Each route has a cost equal to the sum of costs of all outgoing interfaces; OSPF chooses
the lowest-cost route to a subnet and places it in the routing table.

  When multiple routes exist to the same destination, the lower type LSA is first considered.
If tied, cost is used to break it.

 For intra-area route, decision can be easily made using Type 1 and 2 LSA.
 For inter-area route, route is chosen based on Type 3 LSA; marked with O IA; all inter-
area route MUST pass through area 0.
  For inter-area routes that relates to 2 or more ABRs, an ABR COULD choose an inter-area
route over the intra-area route. However, there are 2 rules that prevent this:
- intra-area routes have precedence over inter-area route
- If an ABR learns a Type 3 LSA (other than its own) inside a backbone area, the ABR
  ignores that LSA when calculating its own routes.

 A change to the Type 3 LSA–it fails, comes back up, or the metric changes–does impact
the choice of best route, so the changed Type 3 LSA must be flooded.
 However, non-ABR don’t run SPF again, only change in Type 1 and 2 LSAs require an SPF

 OSPF calculate an interface cost = (reference-bandwidth in Kbps)/(interface-bandwidth in
Kbps). There are 4 ways to change an OSPF metric:
1) change reference bandwidth, by ‘(config-router)#auto-cost reference-bandwidth’
   followed by the bandwidth in Mbps. Recommend to use same command in all routers in
   the same domain; difference doesn’t result in failed neighborship. Default is 100 Mbps
2) change interface bandwidth, by ‘(config-if)#bandwidth’ command followed by bandwidth
   in Kbps. By default, bandwidth is 1544 in serial interface and sub-interfaces. For ports
   using auto-negotiation, the speed is the negotiated speed.
3) set OSPF cost directly by ‘(config-if)#ip ospf cost’ followed by the value. Override ‘auto-
   cost reference-bandwidth’
4) Change the cost for the default route advertised by this router using ‘(config-
   router)#area A_ID default-cost COST’

 An LSA should be unfavorable when it’s redistributed from BGP. In this case, it should be
configured with ‘(config-router)#max-metric router-lsa on-startup {wait-for-bgp |

OSPF Route Filtering

 OSPF advertise LSAs, thus, they filter LSAs. However, since filtering Type 1 and Type 2 LSA
would cause SPF to fail, 3 options exist:

- Filter Type 3 LSAs on ABR using ‘(config-router)#area A_ID filter-list prefix NAME {in |
  out}’ command, whereas NAME is the name of the prefix-list that controls the traffic.
  Denied subnets are filtered, while permitted subnet flow through as normal. ‘in’ keyword
  applies the prefix list to subnets coming IN from other areas. ‘out’ keyword applies the
  prefix list to subnets going OUT to other areas.
When designing filter for multi-area topology, you should be careful with ‘out’, since it
prevents the LSA from spreading to every other area.
Type 3 LSA filters on T3 LSA for the entire area.

- Filter Type 5 LSAs on ASBR using ACL, prefix list, route map, or ‘default-information’

- Filter routes OSPF would normally add to the routing table on a single router. This method
  is performed after SPF algorithm and before routes are placed in the routing table. This
  feature does not change the LSDB flooding process, does not change the LSAs added by
  ABRs or ASBRs, and does not change the SPF algorithm’s choice of best route.
Usually, a ‘(config-router)#distribute-list’ command is used, along with ACL, prefix-list, or
route map. ‘in’ here filters the routes BEFORE it’s placed in the routing table. ‘interface’ can
be included to match the route from a certain interface.
 Note that LSAs are not filtered, the router just prevented from entering the RIB; the LSA
can still be seen on the LSDB.

Manual summarization

 Summarization differs when applied to ABR and ASBR.

 In ABR, you use ‘area A_ID range IP_ADD MASK [advertise | not-advertise] [cost COST]’
 The ABR must have one subordinate subnet from that range of address; if no subordinate
subnet exist, the LSA is not advertised.
 The metric for the summary route’s Type 3 LSA is the best metric of all subordinate
subnets; or it can be manually set with ‘cost’ keyword.
 A summary route can be hidden (or not advertised) by adding ‘not-advertise’ keyword in
the end of the command.
 If you use a summary route for some subnet ( and you have another
subnet (not included in the summary route, e.g, this area will then advertise the
summary route and that subnet (2 Type 3 LSAs). However, if area 0 is a transit area (with
virtual link), then the individual subnets will be advertised instead.

  ASBR, redistribute routes into OSPF from other routing source and create Type 5 LSA for
each redistributed subnet. The network address is the LSID and RID of ASBR become the
advertising router.
  For type 5 LSA to distribute, the requirements are similar to that of ABR except you use
‘(config-router)#summary-address IP_ADD MASK [not-advertise]’ command. ‘redistribute
static’ only works for non-default static routes.
  This means you can’t manually set the cost at ASBR.

Default route

 A default route can be created by using a IP address of as a summary
route for ABR or ASBR. However, it’s not as popular as ‘(config-router)#default-information
originate’ and stub area when distributing a default route.
 The main goal for default route in ASBR is to direct traffic to the Internet.
 The main goal for default route in ABR is to direct traffic to another area.

 ‘(config-router)#default-information originate [always] [metric COST] [metric-type TYPE
VALUE] [route-map NAME]’ command tells ASBR to flood a default route (Type 5 LSA)
pointing to itself IF it has a default route in its routing table.
 The default route on the ASBR is either statically entered or learned redistributed.
 ASBR stop advertising its default route if it fails.
 The default route has a default metric of 1 and metric type of E2

 ‘always’ keyword allow the default route to be advertised even if ASBR’s default route is
down. During this time, packets for the Internet will be received then discarded.
 ‘metric’ keyword allow you to define the metric, default is 1
 ‘metric-type’ keyword defines type of metric, external type 1 or type 2, default E2
 ‘route-map’ controls what to advertise, withdraw the default route
 Another method to provide default route is with stub area. The idea is that (other) routers
will no longer acknowledge any other routes (to the outside) except one from the ABR (with
IP add and mask of
 All routers MUST be stubby to remain neighbors. The cost of the default route, if not set
with ‘area default-cost’, the default cost is 1
                      Stub Area    Totally Stubby Area          NSSA                 Totally NSSA

 Default route of    Yes; as T3   Yes; as T3 LSA         No, unless ‘(config-   Yes; as T3 LSA     LSA                                 router)#area A_ID
                                                         nssa default-
    from ABR
All routers must be Yes           Yes                    Yes                   Yes
same type of stub

 Command for stub (config-        ‘(config-router)#area ‘(config-router)#area ‘(config-router)#area
                  router)#area    A_ID stub no-         A_ID nssa’            A_ID nssa no-
                  A_ID stub’      summary’              On each router        summary’
                  On each         On ABR and                                  On ABR and
                  router          ‘(config-router)#area                       ‘(config-router)#area
                                  A_ID stub’                                  A_ID nssa’
                                  On other routers                            On other routers
  Command to set     (config-      (config-router)#area (config-router)#area   (config-router)#area
  cost of default    router)#area A_ID default-cost     A_ID default-cost      A_ID default-cost
                     A_ID default- COST                 COST                   COST
                     cost COST
 Filter Type 3 LSA No             Yes (except default    No                    Yes (except default
                                  route)                                       route)
 Filter Type 4 LSA No             Yes                    No                    Yes

 Filter Type 5 LSA Yes            Yes                    Yes                   Yes

 Filter Type 7 LSA Yes            Yes                    No                    No

   Redistribute      No           No                     Yes                   Yes
  external routes

 Cisco Proprietary   No           Yes                    No                    Yes

  About default route generated:
- Stub and totally stubby areas automatically generates a summary LSA (3) with LSID and network even if no default route is configured. Of course, you need to
  have ‘area A_ID stub [no-summary]’ command set
- For NSSA, you can manually configure a default route or manually force the area to
  automatically generate a default route by ‘area A_ID nssa default-information originate’
- For totally NSSA, a default route will be automatically generated and advertised.

 ‘default-information {in | out} {ACL_NO | NAME}’ command control EIGRP’s default
candidate advertisement.
 ‘default-information originate’ allow/stop BGP from advertising its default route.
 ‘default-information originate [route-map NAME]’ command control how and what default
routes to advertise in RIP, IS-IS.
 ‘default-information originate [always] [metric VAL] [metric-type TYPE] [route-map NAME]’
command advertises a Type 5 LSA with LSID and network, making this
router an ASBR. By default, OSPF router don’t advertise default routes throughout the
domain, they keep it to themselves.
 Type 7 LSA act as a Type 5 LSA and is specially designed to work with stubby area. NSSA
and totally NSSA DO reject Type 5 LSA, but ABRs accept Type 7 LSA as an alternative (and
advertise them as Type 5 LSA to the internal routers).

Here are some show commands to verify the result.
• show ip ospf– Confirms with one (highlighted) line that the router believes that the
area is a stub area.
• show ip ospf database summary– By definition, this command lists all
summary (Type 3) LSAs with prefix
• show ip ospf database database-summary– This command lists statistics about the
numbers of and types of LSAs in the database.

OSPF virtual link

    Good OSPF design requires:
-   Each area to be contiguous
-   The transit area can’t be stub
-   Each non-backbone area should connect to backbone area through ABR
-   There must be only one backbone area

 Virtual link allows 2 ABRs that connect to the same non-backbone area to from a neighbor
relationship even though it may not be physically close.

 This typically happens when there are 2 areas (with same area ID, which is often area 0)
connecting to the same area. To prevent an A_ID collision, virtual link is configured on both
ABRs connecting the 2 same-area-ID area; thus, making the 2 areas appear as one. The
ABRs also consider themselves as linked in a PtP fashion.
 Another, simpler solution, is to just change the area-ID.

  When the ABRs forward data to each other, they are encapsulated in an IP packet with
destination address of the other ABR (unicast), and the routers in the shared area would
forward them as normal.
  LSAs forwarded over the virtual link usually has the ‘Do Not Age’, or DNA bit set. This
means if no changes occur, the 30-minutes reflood of LSA do not occur. However, if there is
a topology change, the new LSA will be forwarded. Hellos are also not send.
  If all the routes from the shared, or transit area to one of the duplicated area fails, the
virtual link immediately fails.

 Configure virtual link, use ‘(config-router)#area A_ID virtual-link R_RID’. R_RID refers to
the RID of the other ABR. A_ID is the area ID of the shared area.

 As neighborship continues, the 2 ABR will eventually reach FULL state. Check with ‘show ip
ospf virtual-link’ command, and the neighborship should appear in ‘show ip ospf neighbor’.
 The PtP neighborship of OSPF will be connected at ‘VL0’ virtual interface.

Type       No. Command Syntax for Virtual Links
none        0 area num virtual-link router-id authentication null
clear text 1 area num virtual-link router-id authentication authentication-key key-value
MD5         2 area num authentication message-digest
              Area NUM virtual link RID message-digest-key key-num md5 key-value

OSPF neighborship in WAN

 Most of the process is the same as in LAN, but due to the different service and topology in
WAN, part of route selection process differs.

  OSPF network type differ on each interface (depends on what topology it’s involved into),
you need to consider the following:
- whether the link allows router to multicast Hellos?
- Whether 2 or more OSPF routers can exist in the same link?
- Whether router should attempt to elect OSPF DR on that interface?

 OSPF network type is set by ‘(config-if)#ip ospf network’ followed by:
Parameters             Use DR/ Hello Dynamic neighbor >= 2     Cisco       Media type
                       BDR?          discovery        routers? prop.
Broadcast (LAN)        Yes         10   Yes              Yes        Yes    Ethernet, FDDI,
                                                                           Token Ring
Point-to-point         No          10   Yes              No         Yes    Frame relay and
                                                                           ATM PtP, HDLC, PPP
Loopback               No          —    —                No
Nonbroadcast (NBMA) Yes            30   No               Yes        No     Frame relay, ATM,
                                                                           x.25, SMDS
Point-to-multipoint    No          30   Yes              Yes        No
Point-to-multipoint    No          30   No               Yes        Yes
  ‘show ip ospf interface’. Serial link doesn’t elect DR/BDR cuz it’s PtP
  PtP network type uses multicast to send information
  Loopback interface is treated as a stub host and always advertised with cost of 1. If the
network type is ‘loopback’, the route is always advertised as /32 route. If network type is
‘point-to-point’, the address is advertised whatever its CIDR is.

 When using MPLS VPN, customer router (CE) connect using serial link, Frame Relay, or
Ethernet to PE. CE will ONLY form an OSPF neighborship with PE.

  When using Metro Ethernet, router will direct VPWS (PtP) or VPLS (multipoint) traffic from
sub-interfaces of Ethernet into the network by VLAN trunking. In this WAN, routers do not
form OSPF neighborship with routers (from ISP) connect to them, ONLY the ends of the

OSPF and Frame Relay

 There are many network types used in Frame Relay, here is a brief summary:
ip ospf network       DR/    ‘neighbor’ Broadcast/            Default Cisco       Best
                      BDR    command multicast                Hello   Proprietary Topology
broadcast             Manual No          Yes                  10     Yes         Full mesh
nonbroadcast          Manual Yes         No                   30     No          Full mesh
Point-to-point        No     No          Yes                  10     Yes         Point-to-point
point-to-multipoint No      Yes        Yes                  30      No           Any
point-to-multipoint No      Yes        No                   30      Yes          Any
 Some engineers choose to use a network type that elect DR and BDR. However, for this
design to work, 1) a PVC MUST exist between DR and every other router in the subnet, and
2) a PVC MUST exist between BDR and every other router in the subnet.
 If the above requires can’t be met, it’s best that you don’t use this network type at all.

 Point-to-point occur between 2 routers only.

 Broadcast is multiaccess, which means multiple end points and a central point (maybe a
switch). Broadcast and multicast messages are supported on this type of topology, and DR
and BDR will be elected. Work best with full mesh, if design is not full mesh, DR need to be
elected manually.
 This is the default network type on Ethernet interfaces.

  Non-broadcast: same physical topology as broadcast, but don’t support broadcast or
multicast messages. Must send unicast (include Hello) and must know other’s IP address
(require ‘neighbor’ command). Include NBMA and point-to-multipoint
- NBMA: Work best with full mesh, DR and BDR are elected manually if design isn’t full
  mesh. ‘neighbor’ command can’t use ‘cost’ parameter
- Point-to-multipoint: all router address are in the same subnet; don’t need DR and BDR.
  Work best with partial mesh; MUST specify neighbor with ‘neighbor’ command.

 With point-to-multipoint, the router considers the dynamically discovered neighbors to be
reachable with a cost equal to the cost of the associated multipoint subinterface, so the cost
cannot be set per neighbor. Can use ‘neighbor’ command to set the neighbor.

 ‘(config-if)#neighbor IP_ADD [priority VAL][poll-interval SEC][cost MET]’ command, where
this router continues to send Hellos to inactive neighbor (for certain situation) at a reduced
rate; default is 120 seconds. Priority can also be set with ‘ip ospf priority’ command.

 Note that having different network type will cause problems that are very difficult to
predict, and there is no mechanism from preventing you to set different network type, so
ALWAYS configure the same network type.

 A sub-interface can be point-to-point or multipoint. Point-to-point sub-interface, by
default, use point-to-point network type.

 A simple configuration would include IP address for a subnet in a single sub-interface. But
configuring a single IP address for each router in the entire router subnet saves IP address
and number of subnets.

 Multipoint can support any network type except point-to-point, and by default, uses NBMA
network type (both multipoint and serial interface). This sub-interface allow neighbor to
dynamically recognize each other.

 If router A and B are in a Frame Relay partial mesh network, but are not directly
connected to each other. When A wants to send packets to B, its IP header will include a
destination IP address (of B), and a DLCI (of another router, router C, that has both PVC to
A and B). When C receives the packet, it will forward it to B.
  This is done by placing a static map command of B’s IP address and C’s DLCI, so all traffic
for B will go to C. Vice versa also need to be configured for the opposite traffic. This way,
ping will work and so will other traffic.

 In serial interfaces, a broken link between R1 and R2 cause R1 not be abled to ping the IP
address on both interfaces because the ping needs to leave the link. You can verify this with
the round-trip time to ping (from R1) to R2 and R1's own interface.
Integrated IS-IS
 A router is known as intermediate system (IS) and end devices are known as end-system
(ES); so IS-IS really just mean router to router routing protocol. IS-IS is specified to route
CLNS; which provides connectionless network service like UDP.
 OSI network layer protocol is CLNP (also known as ISO-IP) and used for CLNS. IS-IS start
as a OSI routing protocol, it uses a CLNS address as RID for management purpose.
 IS-IS also uses CLNS addressing called NSAP.

  Integrated IS-IS can operate in both ISO and IP environment
  IS-IS uses a single DR and different timers.
  When using frame relay static maps, use ‘(config-if)#frame-relay map clns DLCI’
  In order for frame relay to operate correctly with IS-IS, you can use one of 3 methods:
- Subinterfaces
- GRE tunnels, not scalable and require much configuration
- Full mesh frame relay, not scalable.

    OSI support 4 routing levels, meaning that router can be either one of them:
-   0: find end-system and ES-to-IS
-   1: exchange routes within an area
-   2: exchange routes between areas
-   3: between autonomous system and is the province of interdomain routing protocol (IDRP)

 All devices of the same level have the same LSDB. Devices exist in more than one level
must maintain LSDB for each level.
 Link State Packets (LSPs) are used to exchange information and form LSDB. Routers only
maintain level-n information that is common to both routers.

    For adjacency to form, these fields from Hello packet must match:
-   MTU
-   Support same routing level
-   Unique system ID
-   Matching authentication
-   Same Hello and Hole timers
-   When connecting to another area, one router must be able to support both levels.

 IS-IS support 2 network types, broadcast and point-to-point.
 In point-to-point relationship, after adjacency is established, CSNP is send, which is a list
of all the links held in the LSDB. Hold = Hello * 3
 In broadcast relationship, DIS is elected, and Hello between DIS and non-DIS take place
every 3.3 seconds. If a router fail to receive Hello from DIS, it’s forced to resign even
though it can contact other routers.
 Non-broadcast relationships are recommended to be set as a series of point-to-point.

 DIS is elected based on Layer 2 addressing, the lowest wins. Priority is also included in the
criteria, change with ‘(config-if)#isis priority’ command.

IS-IS metric
  There are 4 type of metrics used in IS-IS:
- Default, or Cost metric, must be supported by all routers. Inversely proportional to
  bandwidth, lower metric, more preferable.
- Delay metric is optional, and measures the time data travel from one point to another.
- Expense metric is also optional
- Error metric measure residual error probability of a link; optional.
Note: these values are carried by TLV 2, 3, 5, 128, and 130.

 By default, all interface metric are 10 since old style allow on 6 bits to carry the metric,
wide-style metric is better in serving the purpose of determining the best path.

Short spanning tree, SPT
  When SPF starts to run, all routers are classified as one of 3 sets:
- Unknown: all routers except the root
- Tentative: as SPF continues, all routers start move to this set beginning with ones directly
  connected to the root
- Paths: moves to this set from tentative beginning with routers directly connected to root.


  IS-IS PDU is encapsulated directly in a frame. The fixed header is 8 bytes long, but can be
followed by a list of optional fields called TLV. They use the same header:
     IRPD: specify L3 protocol [8 bits]            Packet Length: in bytes [8 bits]
Version/Protocol ID Extension: = 1 [8 bits]      ID Length: of NSAP address [8 bits]
       Reserved          PDU Type [4 bits]                Version: 1 [8 bits]
                 Reserved                     Maximum Area Addresses: 1 - 254 [8 bits]
                                 Additional Header Fields
                                        TLV Fields
ID Length = 0 (6 bytes)      ID Length = 255 (no NSAP add)         ID Length = 1-8 (actual len)

Hello, LSP and SNP
  IS-IS uses 3 types of packets:
- Hello PDU form adjacency, there are 3 types of Hellos, LAN Level 1 Hello, LAN Level 2
  Hello, and Point-to-Point Hello PDU.
1) End system hellos (ESH) to attach ES to routers; attach the local subnet
2) IS hellos (ISH) for routers to announce themselves back to ES
3) Intermediate-to-intermediate hellos (IIH) is used between routers at level 1 and 2. There
   are 2 types of IIH due to different network types. There are point-to-point hello (Level 1
   IIH) for PtP link and LAN hello (Level 2 IIH) over broadcast links.
  Hellos are send out using L2 multicast, Level 1 LAN are send to multicast 0100.C200.0014,
while Level-2 Hello are send to 0180.C200.0015.
  IS-IS also have 0900.2B00.0005 to reach all IS and 0900.2B00.0004 to reach all ES.

This is the same format for L1 and L2 Hello PDU
                        IRPD                                      Packet Length
          Version / Protocol ID Extension                            ID Length
  R       R       R              PDU Type                             Version
                      Reserved                              Maximum Area Addresses
  Reserved (6 bits)           Circuit Type: use 2 bits; 0x01=L1; 0x02=L2; 0x03=L1/L2
                          Source ID: system ID of sender (6 bytes)
                                    Holding Time (2 bytes)
                          PDU Length: in bytes = 0x1492 (2 bytes)
 Priority: use for DIS election on broadcast/NBMA segment. First bit = 0, priority default:
       64, range: 1 - 127. Election is preemptive, form N * (N - 1) adjacency (1 byte)
                   LAN ID: system ID + circuit ID of current DIS (7 bytes)
                                     TLV Fields (variable)
PtP Hello PDU is used on WAN links regardless of Level type
                      IRPD                                         Packet Length
         Version / Protocol ID Extension                             ID Length
   R     R      R              PDU Type                               Version
                    Reserved                                 Maximum Area Addresses
         Reserved (6 bits)                              Circuit Type (2 bits)
                                   Source ID (6 bytes)
                                 Holding Time (2 bytes)
                                  PDU Length (2 bytes)
                         Local Circuit ID: identify a link (1 byte)
                                   TLV Fields (variable)

- Link state PDU is used to distribute routing information; it has the same format for Level 1
  PDU and Level 2 PDU and list their adjacencies; TLV hold the level 1 and 2 information.
  Different TLV can be designed to carry different information, frames with un-supported TLV
  are ignored.
                    IRPD                                     Packet Length
      Version / Protocol ID Extension                          ID Length
   R       R         R        PDU Type                          Version
                  Reserved                             Maximum Area Addresses
                                   PDU Length (2 bytes)
                       Remaining Time: specified in seconds (2 bytes)
   LSP ID: combination of system ID, circuit ID, and LSP number; identify PDU (8 bytes)
                      Sequence Number: like revision for VTP (4 bytes)
                                    Checksum (2 bytes)
  Attributes: bit 1-2=0x01 (L1) or 0x03 (L2 or L1/L2); bit 3=whether to use this LSP; bit
     4-7=router is attached to another area; bit 8=not supported on Cisco IOS (1 byte)

- Sequence number PDU control distribution of LSP and what LSDB to form. Specific for
  each level, SNP can be complete or partial, which is CSNP (contain complete listing of LSP
  in LSDB; advertised to form adjacency) or PSNP. SNP are never flooded; they are send
  between neighbors. Unrecognized LSP are passed down rather than discarded.

CSNP format
                  IRPD                                        Packet Length
     Version / Protocol ID Extension                            ID Length
   R      R       R         PDU Type                             Version
                Reserved                                Maximum Area Addresses
                                    Length (2 bytes)
                 LAN ID: system ID + circuit ID of current DIS (7 bytes)
                   Start LSP ID: = 0 to indicate the first LSP (8 bytes)
           End LSP ID: = 0xFFFF.... To indicate the last LSP possible (8 bytes)
                                     TLVs (variable)

PSNP format
                  IRPD                                    Packet Length
     Version / Protocol ID Extension                        ID Length
   R      R       R         PDU Type                         Version
                Reserved                             Maximum Area Addresses
                                    Length (2 bytes)
                                  Source ID (7 bytes)
                                     TLVs (variable)
Here are the different types of TLVs used.
    Packet Type         PDU Type    TLV Type               TLV Name
  LAN Level-1 Hello        15          1                  Area Address
       Packet                          6             IS Neighbors (Hellos)
                                       8                     Padding
                                       10          Authentication Information
                                      129             Protocols Supported
                                      132             IP Interface Address

  LAN Level-2 Hello        16           1                 Area Address
       Packet                           6            IS Neighbors (Hellos)
                                        8                    Padding
                                       10          Authentication Information
                                       129            Protocols Supported
                                       132            IP Interface Address

 Point-to-Point Hello      17           1                 Area Address
        Packet                          8                    Padding
                                       10          Authentication Information
                                       129            Protocols Supported
                                       132            IP Interface Address

 Level-1 Link State        18           1                  Area Address
       Packet                           2               IS Neighbors (LSP)
                                        3                  ES Neighbors
                                        6             IS Neighbors (Hellos)
                                       10           Authentication Information
                                       128     IP Internal Reachability Information
                                       129             Protocols Supported
                                       132             IP Interface Address

 Level-2 Link State        20           1                  Area Address
       Packet                           2               IS Neighbors (LSP)
                                        4                  Partition - DIS
                                        5                 Prefix Neighbors
                                       10           Authentication Information
                                       128     IP Internal Reachability Information
                                       129             Protocols Supported
                                       130     IP External Reachability Information
                                       131               IDRP Information
                                       132             IP Interface Address

  Level-1 Complete         24           9                 LSP Entries
         SNP                            10         Authentication Information

  Level-2 Complete         25           9                 LSP Entries
         SNP                            10         Authentication Information
 Level-1 Partial SNP        26             9                         LSP Entries
                                           10                 Authentication Information

 Level-2 Partial SNP        27             9                         LSP Entries
                                           10                 Authentication Information

IS-IS addressing

  IS-IS addressing is known as NSAP or NET. The address range from 8 to 20 bytes, you can
configure a maximum of 3 NETs on a router (same area ID). A NET consist of 3 parts:
- Area: equivalent of IPv4 network bits. Multiple area ID means multiple area, but not
  multiple level. Composed of AFI (47 for British, 39 for ANSI, 49 for private addressing),
  IDI and DSP. Area ID must be at least one byte long.
- System ID: equivalent of IPv4 host bits; remain same. Unique on all routers, formed from
  MAC address.
- N-SEL (selector): equivalent of TCP/UDP port on a host; always = 00 for IOS.

  IS-IS address comes in one of three formats:
- 8-octet area IS: area + system ID + SEL
- OSI NSAP format: domain + area + system ID + SEL
- GOSIP NSAP: AFI + ICD + DFI + AAI + Reserved + RDI + area + system ID + SEL


  Enable IS-IS with ‘(config)#router isis TAG’, where TAG can be used to identify an area,
like ASN for EIGRP. By default, every router is in Level 1.
  Assign NET with ‘(config-router)#net NET_ADD’ using AFI(2 digit).AREA_ID(4 digit).ADD(4
digit).ADD(4 digit).ADD(4 digit).00 format.
  ‘(config-if)#ip router isis TAG’ on every interface you would like to advertise.
  ‘(config-if)#isis metric VAL’ to manually configure the metric on each interface. To switch
the metric to wide style, use ‘(config-router)#metric-style wide’, using ‘transition’ instead of
‘wide’ allow both metric style.

 Verify with ‘show clns neighbor’, ‘show isis database’, ‘show clns interface’.

  To configure an area to route only Level 1,
- Add a tag to the routing process
- Use (config-router)#is-type level-1
- Use ‘(config-if)#isis circuit-type level-1 for all advertised interfaces

  To configure an area to route only Level 2,
- Use ‘(config-router)#is-type level-2
- (config-if)#isis circuit-type level-2

 To create a manual summarization, use ‘(config-router)#summary-address IP_ADD
SUB_MASK {level-1 | level-2 | level-1-2}’. Don’t need ‘redistribute static ip’. Summary (not
default) route display with ‘show ip protocols’.

 A default route in IS-IS is created by ‘(config)#ip route null0’ + ‘(config-
router)#default-information originate [route-map NAME]’ will advertise a default route with
metric = 0.
 ‘redistribute static ip’ doesn’t advertise static route, but every other static route.
  To enable authentication for IS-IS, there are plain-text and MD5 encrypted.
Plain text:
- Per-interface ‘(config-if)#isis password PASS {level-1 | level-2}
- For all Level 1 LSP, CSNP, and PSNP ‘(config-router)#area-password PASS authenticate snp
  {validate | receive-only}’
- For all level 2 LSP, CSNP, and PSNP ‘(config-router)#domain-password PASS authenticate
  snp {validate | receive-only}’

Key chain: ‘key chain NAME’ -> ‘(config-router)#authentication mode {text | md5} [level-1
| level-2] -> ‘(config-router)#authentication key-chain NAME’.

 For IS-IS to correctly advertise routes, you need ‘router isis’ + ‘redistribute connected’.
 No message for successful authentication or adjacency.
Route redistribution
 Route redistribution is often needed when a network running 2 different routing protocols
(maybe even the same routing protocol, but different AS) need to exchange routes.
Redistribution can even be useful for a merged network using the same routed protocol.

  When a static route is used as redistribution rather than an IGP, it’s recommended that you
either 1) specify the exit interface directly (for point-or-point link), or 2) specify both the
exit interface and the next-hop address (for broadcast link).
  This is used to prevent recursive lookup, which occur because only the next hop address
exist. The routing table is checked twice: 1) when a packet enters the router and router
looks up the entry, and 2) router checks the next-hop address.

  To be able to redistribute,
- use at least one working physical link with each routing domain.
- A working routing protocol for each routing domain.
- Additional configuration that tell the routing protocol to take the routes learned by another
  source of routing information and to then advertise those routes.

  When performing redistribution, the router (re-distributing) take routes from the IP routing
table and pass those routes to a routing protocol for redistribution. Routing protocols treat
the foreign routes as external routes, and since different protocols have different methods
of calculating metric, there will be different metric calculation.

 At the point of redistribution, the receiving process start with a seed metric, which is
usually assigned manually. Here are some seed metric for routing protocols.
Source/Destination         RIP            EIGRP            OSPF        ISIS         BGP (MED)
          Connected 1                Interface metric   20 (E2)   0             0
              Static 1               Interface Metric   20 (E2)   0             0
                 RIP                 Infinite           20 (E2)   0             IGP metric
              EIGRP Infinite                            20 (E2)   0             IGP metric
               OSPF Infinite         Infinite                     0             IGP metric
                ISIS Infinite        Infinite           20 (E2)                 IGP metric
                BGP Infinite         Infinite           1 (E2)    0

  When more than one route exist for a particular destination network, the better route is
judged per AD. Routers can only redistribute routes they know (static or dynamic).
  When a route is redistributed, it gets the default AD of the new routing protocol.

 Route feedback refers to loop created by multiple redistribution router, solutions include: -
Change the metric, - Change AD, - Use default route, - User passive interface with static
route, - Use distribute list

 Networks converge at the speed of the slower protocol.

  If there are one ‘match’ command, the criteria can match to any condition to be true, this
is logical OR. If there are multiple statements, all must be considered true for the route map
statement to be matched, this is logical AND.
EIGRP Redistribution

  This is the complete configuration of EIGRP redistribute command, used in EIGRP router
configuration mode:
‘(config-router)#redistribute eigrp ASN [metric BW DELAY REL LOAD MTU] [tag VALUE]
[route-map NAME]’, where tag refers to a number that identifies a route. It can be further
manipulated with route maps.

 For redistribution to work, the redistributing router MUST set the metric factor (from which
the metric is calculated) for those external routes using one of 3 methods:
Function                                             Command
Setting the default for all redistribute commands    (config-router)#default-metric bw delay
                                                     reliability load mtu
Setting the component metrics applied to all routes (config-router)#redistribute PRO [P_ID | ASN]
redistributed by a single redistribute command      [metric BW DEL REL LOAD MTU
Setting different component metrics to different     Use the route-map parameter use a specified
routes from a single route source                    route map to set the metric.
 Note that if you are redistributing from another EIGRP process, EIGRP will (already) have a
default metric; thus, no need for the above method.
 To redistribute between IGRP and EIGRP, simply configure them to use the same ASN.
 Note: delay is again 10 times smaller than delay in ‘show’ command.

  When ‘redistribute’ command refers to another IGP as the routing source, the router will
redistribute (these routes will show ‘via Redistributed’ exit interface):
- All routes in the routing table learned by that routing protocol
- All connected routes of interfaces on which that routing protocol is enabled
Note: redistributing router will become the next-hop router for packets to the other domain.
Note: EIGRP external routes has AD of 170.

OSPF Redistribution

- OSPF redistribution uses default metric, thus, no need to configure using commands
- OSPF create LSA for external route
- Redistributed routes are flagged as external.
- The command for redistribution (in OSPF router configuration mode) is:
(config-router)#redistribute ospf P_ID [metric VALUE] [metric-type {1 | 2}] [match
{internal | nssa-internal | external 1 | external 2}] [tag VALUE] [route-map NAME]
Metric      Defines cost metric assigned to routes redistributed by this command, unless overriden
            by a referenced route map
Metric-type Defines external metric type, type 1 or 2
match       If redistributing from OSPF, this keyword lets you match internal OSPF routes, external
            (by type), and NSSA external routes, essentially filtering which routes are redistributed.
subnets     Redistribute subnets of classless networks

  When redistribute OSPF from:
- Another OSPF AD, use the route’s metric
- A subnet, only the classful network is considered unless ‘subnets’ is added
- Any source, Type 5 LSA is created for each external route. If in a (totally) NSSA area, Type
  7 LSA is created instead.
The same rules that can change EIGRP metric also applies to OSPF.

 When Type 5 LSA is created by the ASBR, it’s flooded to the connected area. ABRs in that
area will flood the LSA to routers in its area unless it’s a stubby area, which requires default
route instead.

 OSPF external route can either be type 1 or type 2 (default). These routes calculate metric
differently, type 2 external route uses metric stated in the LSA.
 This means all routes advertised by E2 has the same metric, making all ASBR equal cost.
How a router choose its route differ depends on whether it’s in the same area as ASBR.

 When ASBR reside in the same area as this router and many routes are available, this
router checks the next hop router RID to find the shortest distance route.

 When ASBR reside in another area, not as same as this router, route calculation involves
another LSA. The total cost = cost to reach ABR + cost from ABR to ASBR (metric listed in
Type 4 LSA).
 Type 4 Summary ASBR LSA is created by ABR when it receives an LSA from ASBR. Type 4
LSA include ABR’s RID, ASBR’s RID and cost to reach ASBR from ABR.
 Displayed with ‘show ip ospf database asbr-summary’
 show ip ospf border-routers, lists a line for every ABR and ASBR known to the local
router. It lists whether the router is inside the same area or in another area, the RID of the
ABR or ASBR, and this router’s best route to reach each ABR and ASBR.

 Another solution is to use E1 route instead of E2 (Type 5 LSA) by ‘metric-type 1’; E1 route
metric = internal cost + external cost.
 For a given IP subnet, OSPF ALWAYS prefer E1 route over E2 route regardless of metric.

 Routers may be redistributed into a (totally) NSSA area using Type 7 LSA. The ASBR flood
Type 7 LSAs (which continues in this form) that reaches (totally) NSSA area, if the area is
not stub, ABR converts it to a Type 5 LSA and forward it.

Redistribute into IS-IS

  By default, all redistributed routes have a metric of 0 and imported only to Level 2 LSDB.
You can change the behavior with ‘redistribute static ip {level-1 | level-2 | level-1-2 | metric
| metric-type | route-map}
  ‘redistribute static’ only advertise CLNS routes. To use IP, use ‘redistribute static ip’

Redistribution filtering

 You can use ‘route-map’ keyword included in the ‘redistribute’ command to choose what
route to 1) set a different metric, 2) set a different type, or 3) which to redistribute.

 In addition to filter by ACL or prefix-list, route-map can filter based on
match Command                                     Description
match interface interface-type interface-number   Filter by outgoing interface
[... interface-type interface-number]
[*]match ip address {[access-list-number |           Filter by destination IP address
access-list-name] | prefix-list prefix-list-name}
[*]match ip next-hop {access-list-number |           Filter by route’s next-hop address
[*]match ip route-source {access-list-number |       Filter by advertising router’s IP address
match metric metric-value [+- deviation]             Filter by route’s metric, or a range (plus/minus
                                                     the configured deviation)
match route-type {internal | external [type–1 | Filter by route type; level 1 and 2 refers to IS-
type–2] | level–1 | level–2}                    IS term
match tag tag-value [...tag-value]                   Filter by route tag, which requires the tag to be
                                                     set in an earlier command.

 Other than filtering routes, a route map can also cause value of items of route to change
using the ‘set’ command:
set Command                                          Description
set metric metric-value                              Sets the route’s metric for OSPF, RIP, and IS-IS
set metric bandwidth delay reliability loading mtu   Sets the EIGRP route’s metric values
set metric-type {type–1 | type–2}                    Sets type of route for OSPF
set tag tag-value                                    Sets the unitless tag value in the route

  In an ACL, ip host host matches route whose destination subnet
is, specifically, those address with mask of

 You can also use ‘show access-lists’ and ‘show ip prefix-list detail’ followed by prefix-list
name. These commands show you the number of matches found.

  To set the metric for a route use ‘set metric’ route map subcommand. If you are setting
the metric for OSPF or RIP, follow the command by the metric, such as ‘set metric 10’. If
you’re setting the metric for EIGRP, follow the command by bandwidth, delay, reliability,
load, MTU, such as ‘set metric 100 22 255 1 1500’.
  To apply the metrics, use ‘redistribute ...... Set-metric’ command. The precedence is 1)
set-metric from route map, 2) set-metric from redistribute, 3) default-metric command.
  Verify using ‘show ip route’ or ‘show ip eigrp topology’

 When using ‘match {internal | external 1 | external 2 | nssa-external}’ part of command,
you are matching the type of routes to be redistributed.

  If you are only filtering redistribution routes (without setting metric and other stuff), you
can use ‘distribute-list’ command with direction being ‘out’ (this is a MUST) and the
mechanism is either ACL or prefix-list.
  For instance, ‘distribute-list 1 out ospf 2’ applies ACL 1 to EIGRP (current domain) for
routes redistributing from OSPF process number 2. Another example is ‘distribute-list prefix
fred out eigrp 1’ applies a prefix-list named fred to EIGRP ASN 1 redistributing into OSPF
(current domain).

 Note that filtering take place as the route is redistributed to the destination routing
protocol that is added to the topology table (if one is present). ‘show ip access-lists’ and
Protocol       Command
RIP            distance ad-value
EIGRP          distance eigrp internal-ad external-ad
OSPF           distance ospf {external ad-value} {intra-area ad-value} {inter-area ad-value}

‘show ip prefix-list detail’ command confirms the successful action while ‘show ip eigrp/ospf
topology’ of the destination protocol will not show the route.

 Filtering for OSPF will only filter LSA from the RIB, but it still remain in LSDB.
 Filtering for BGP is preferably done in per-neighbor basis.

Multiple router redistribution

  When multiple redistribution routers exist, a subnet can be looped (in advertisement)
between the domains because the default metric of the route from the redistribution may be
lower than the metric of the internal route.
  Therefore, the router is tricked into going through the further route and may even cause a
loop. Somehow, if EIGRP is present as one of the routing protocols, this situation would not

 One method to resolve this problem is purposefully use a (default) metric higher than the
highest internal route metric. This way, the router can precede internal routes before
redistributed routes.

 In OSPF, this problem can also be prevented since it has a (default) higher precedence for
E1 routes; meaning for every redistributed routes that has cost of total cost of internal and
external route, it has precedence over those redistributed routes that counts only external

Route Type                  AD        Remember: if there are 2 possible routes to a certain
Connected                   0       destination, the longer prefix wins. If the prefix is equal,
                                    lower AD wins.
Static                      1
EIGRP summary route         5        Another behavior that prevent domain loop is recognition
External BGP                20      of redistributed routes. If a route in domain A is
                                    redistributed into domain B, the redistribution router will
EIGRP (internal)            90      not advertise this route back from B to A because it doesn’t
IGRP                        100     exist in B.
OSPF                        110
                                      RIP doesn’t have a concept of internal and external
IS-IS                       115     routes. In RIP, internal route simple refer to routes exist
RIP                         120     inside the RIP domain and external routes are ones exist
On-Demand Routing (ODR) 160         outside RIP domain.
EIGRP (external)            170      You can manually set the AD of routing protocol to
Internal BGP                200     overcome domain loop problem. Redistribution problem
Unreachable                 255     between RIP and OSPF can be solved this way:
  When multiple routing domains exist, routers may be confused by the redistributed routes
and chose the route with the lowest AD, which may be the longer way around, 3 solutions
are present to solve this problem:
1. per-route AD setting, the full ‘distance’ command is ‘(config-router)#distance AD
   [IP_ADD WILDCARD] [ACL_NAME/ID]’. Whereas routers whose IP address match the
   range of address in IP_ADD WILDCARD, the specified AD value applies. The route is
   matched using ACL. Thus, the router that redistribute that route will stop the route from
   being advertised. This command can’t be used with prefix list.
 In OSPF, IP_ADD WILDCARD refers to the RID of the router that advertise this LSA.
 In RIP and EIGRP, IP_ADD WILDCARD is the interface IP address that advertise this route.

2. Filter routes using prefix-list at the redistribution router also prevent this sort of problem.

3. Route tag is a 32-bit integer that can be used to identify a (set of) routes; it’s an
   identifier that can be used for many purposed. In redistribution, you can tag (identify)
   certain routes, and then decide to let them pass or filter them. To set a tag, simply add
   ‘set tag’ followed by the identifier after a route map clause. This route map can be added
   in ‘redistribute’ command for it to filter redistributed routes.

Backup interface

  An interface can be configure to back up another interface. When configured, this interface
stay in standby mode.
  To use S0/0 as backup for S1/0, configure ‘(config-if)#backup interface s1/0’ on S0/0’s
interface configuration mode.
  ‘(config-if)#backup delay [UP] [DOWN]’ configures the backup interface to come alive
when the primary interface has failed for UP seconds. The backup interface will be shut
down when the primary interface has come up for DOWN seconds.
  ‘(config-if)#backup load [EX] [DIS]’ configures the backup interface to share traffic once
the load on the primary interface exceed EX% of its bandwidth. Backup interface return to
shutdown mode once primary interface’s load drops to DIS% of its bandwidth.
 DHCP is transformed from BootP, and uses UDP port 67 (server) and 68 (client).

 DHCP works by:
1. Client broadcast DHCP DISCOVER message (at FFFF.FFFF.FFFF) asking for IP configuration
   information and servers respond with address, mask, gateway, and other information.
2. A DHCP server responds with DHCP OFFER contains, an IP address, mask, gateway, lease
   time, and possibly option codes.
3. Client consider the DHCP OFFER message and pick one. Different system have different
   methods of considering DHCP. Client uses a DHCP REQUEST to ask if its previous address
   is available.
4. Final decision is made to which address is assigned. The server will record this
   assignment and respond with DHCP ACK.
5. Now, the client will send an ARP request to its new address. This is used to determine if
   an IP address duplication occurs. If any thing else replies, the process start over. This
   ARP is known as a gratuitous ARP. 2 pings are also send to that IP address, this can be
   configured with ‘ip dhcp ping packets’ command.

Other DHCP messages that you may see include:
- DHCPNAK sent by the server to DHCP client if the IP address that it requests/uses is no
  longer valid. Then, DHCP client has to restart the process.
- DHCPPDECLINE is send to the server from DHCP client if it deem DHCP information from
  server is invalid. Then the process restart.
- DHCPRELEASE is send from the client to DHCP server canceling the rest of its current
  lease. This can be done by ‘ipconfig /release’ on Windows
- DHCPINFORM is not supported by all vendors. DHCP client already has IP address and this
  message is used to obtain other information.

 The devices that lie between a DHCP server and DHCP client is called DHCP relay.

  When a router is both configured as a DHCP client (Internet-facing interface) and DHCP
server (facing hosts), you can use ‘(config)#ip dhcp pool NAME’ + ‘(config-dhcp)#import all’
to import the parameters received from the ISP to your hosts.

 Here are some more command:
(config)# command                          Description
service dhcp                               Enables DHCP server (on by default)
ip dhcp database                           Configures a database agent
no ip dhcp conflict logging                Disables logging of conflicts
ip dhcp excluded-address start-ip end-ip   Lists addresses that should be excluded from the pool
domain-name domain                         Default DNS assignment

  Cisco IOS allow router to forward DHCP broadcasts (if the DHCP server is not within that
broadcast domain) by using the ‘(config-if)#ip helper-address’ command. This command
should be placed on the interface closest to the DHCP client. When set, the router will
forward the broadcast as a unicast to specific UDP ports.

 There are 8 ports, 37 (NTP), 49 (TACACS), 53 (DNS), 67 and 68 (DHCP), 69 (TFTP), 137
(NetBIOS name), 138 (NetBIOS datagram).
 When ‘ip helper-address’ is set, these types of packets will be recognized and forwarded to
the specified IP address. However, you may not have all these feature built into one server,
so you may wish to disable certain features. To do so, use ‘(config)#no ip forward-protocol
up PORT_NO' command, you can also add another port without the ‘no’ keyword.

  DHCP can provide extended functionality depending on the vendor features. For Cisco
devices, you have option:
- 150: used to carry configuration files from TFTP server (usually a Cisco CallManager or
  Unified Communications Server) to IP phones using ‘(dhcp-config)#option 150 ip IP_ADD’.
- 60: is vendor class identifier is a text string that uniquely identifies the vendor.
- 43: used to provide Cisco LWAP with IP address of WLAN controller.

  To troubleshoot DHCP, start by checking L1 connectivity. Then use ‘show ip dhcp database’
-> ‘show dhcp server’ (if this device is a client) -> ‘show ip dhcp server statistics’ -> ‘show
ip dhcp binding’ (clear ip dhcp binding) -> ‘debug ip dhcp server events’ -> ‘debug ip dhcp
server packets’
Route policy
 Most routers today use Cisco Express Forwarding (CEF) table rather than IP routing table
as it’s more efficient in process routing requests.

  Policy-based routing(PBR) override a router’s natural destination by establishing its set of
rules on how to route the packet after decapsulation and before the packet is looked up by
CEF. The routes are chosen based on a route map, on which the rules (for routing) are also
established. PBR has 4 advantages:
- Source-based transit provider selection: in situation of multiple ISP, PBR allow traffic to be
  distributed to specific ISP according to network need
- QoS: apply QoS on traffic
- Cost saving: by conserving and managing traffic route, money is also saved
- Load sharing:

  First, you have a route map containing ACL/prefix-list that match a set of routes you want
to manipulate. Then, you include these logical lists by ‘match’ commands, which there can
be more than one per clause. If there are more than one ‘match statements, all of criteria
has to match to be considered for the traffic.

 You can further customize the characteristics of these routes using the ‘set’ command.
Command                                        Comments
set ip next-hop ip-address[. . . ip-address]   Next-hop addresses must be in a connected subnet;
                                               forwards to the first address in the list for which the
                                               associated interface is up.
set ip default next-hop ip-address[. . . ip-   Same logic as previous command, except policy
address]                                       routing first attempts to route based on the routing
set interface interface-type interface-        Forwards packets using the first interface in the up
number [. . . interface-type interface-number] list.
set default interface interface-type           Same logic as previous command, except policy
interface-number [. . . interface-type         routing first attempts to route based on the routing
interface-number]                              table.

 PBR can be applied to an interface inbound with ‘(config-if)#ip policy route-map NAME’. So
you need to place the PBR as close to the source as possible.
 PBR can be applied globally to router traffic (inbound and outbound) with ‘(config)#ip local
policy route-map NAME’.

 You can verify the result with ‘show ip policy’ ‘show route-map’ and ‘debug ip policy’

  You can add a ‘default’ keyword to the command, this means:
“try route as usual but ignore default routes. If normal routing fails, use PBR”.
  If no ‘default’ keyword is present,
“try PBR first, and if it doesn’t work, route as usual”

 QoS is the manipulation of packets so that different packets can have different priority,
thus, giving priority to those packets that need to pass fast. In the past, QoS can be shaped
by PBR; however, new designs often ignore PBR’s marking capability.
 PBR implement QoS by setting type of service (ToS) byte; in old fashion, the first 3 bits is
called IP precedence(IPP) field. Since 1990, the ToS byte was redefined as differentiated
services (DS) byte, with the first 6 bits known as differentiated service code print (DSCP).
 PBR support QoS by setting the IPP field with ‘set ip precedence VALUE’ and ‘set ip tos
VALUE’ command.

Policy-based routing (PBR) must be configured before PBR fast switching can be enabled. Fast
switching of PBR is disabled by default. CEF-switched PBR is enabled by default.
A fast-switched PBR supports all the match commands and most of the set commands except for the
   •    The set ip default next-hop command is not supported.
   •    The set interface command is supported over point-to-point links, unless a route cache entry
        exists that uses the same interface that is specified in the set interface command in the
        route map.


 IP service-level agreement (IP SLA) measures the ongoing behavior of the network by
conducting different tests set by previous configuration. This feature collects data that are
stored in IOS RTTMON MIB for later reviews by management tools such as Cisco IPM. The
management software can then decide the performance of the network and necessary
actions taken to enhance network experience.

 You can configure static routes and PBR to use IP SLA operations, so that if the operation
shows a failure of a particular measurement or reduced performance of the measurement
below a configured threshold, the router stops using either the static route or PBR logic.
This combination of features provides a means to control when the static and PBR paths are
used and when they are ignored.

  IP SLA is based on ‘operations’, each define a job to perform. This may include, the type of
packet to use, the time to perform this operation, and what results to look out in this

 IP SLA originate from response time porter (RTR) feature that uses ‘rtr' command and was
based on ‘probe’ instead of ‘operation’.

 IP SLA has SLA responder that is configured to reply to IP SLA configured packets (that a
normal router wouldn’t respond) to test various goals. Other normal devices will respond to
a packet if the device is configured to receive and respond to such a packet.
 For instance, you can configure IP SLA on a router to send a ‘ping’ to PC without pre-
configuration on the PC. But you would need to configure a router to be SLA responder if
you want to test something such as whether the router will respond in SIA state.

To configure an IP SLA for ping test:
1. (config)#ip sla OPERATION_NO
2. (config-ip-sla)#icmp-echo {DEST_IP | DEST_HOST} [source-ip {IP_ADD | HOST}
3. (config)#frequency SEC       !define frequency to send the ping; optional
4. (config)#ip sla schedule OPERATION_NO [life {forever | SEC}] [start-time {HH:MM[:SS]
   [MONTH DAY | DAY MONTH] | pending | now | after HH:MM:SS}][ageout SEC][recurring]
5. You can disable the operation with ‘(config)#no ip sla OPERATION_NO’

 You can confirm your running configuration by ‘show ip sla configuration’ or show ip sla
statistics’, which can optionally follow the operation number of the operation.

 To configure a static route to track an IP SLA, you need to:
1. (config)#track OBJ_NO ip sla OPER_NO [state | reachability]
2. (config-track)#delay {down SEC | up SEC} ! Optional, delay to regulate flapping.
The up timers on the tracking object defines how long to wait (in a down state) to transition
into OK state. Similarly, the down timer defines how long to wait (in an OK state) to
transition to a down state.
3. (config)#ip route DEST_IP_ADD MASK {OUTGOING_INT | NEXT_HOP} track OBJ_NO
  ‘show track’ command display the track information.

 If IP SLA operation fail, the static route will be removed.

 To configure PBR to object tracking, old version use ‘set ip next-hop’ in route map,
While new version use ‘set ip next-hop verify-availability IP_ADD track OBJ_NO’

 When track object is up, PBR work as configured. When it’s down, PBR act as if it doesn’t
exist, while the router send packets in a normal process.

 However, when using this, ‘show track’ display a ‘ROUTE-MAP’ instead of ‘STATIC-
ROUTING’, while ‘show track OBJ_NO’ and ‘show ip sla statistics’ display ‘STATIC_ROUTING’.


  BGP should be used for one of these reasons:
- It’s the only routing protocol that can connect your organization to multiple AS
- If you need to implement a routing policy (path and packet flow manipulation) only
  possible with BGP
- If your organization is acting as a transit AS and connect others AS
- Have extensive control over route advertisement and traffic pattern

Step 1. ICANN and IANA group public IPv4 addresses by major geographic region.
Step 2. IANA allocates those address ranges to Regional Internet Registries (RIR).
Step 3. Each RIR further subdivides the address space by allocating public address ranges to
        National Internet Registries (NIR) or Local Internet Registries (LIR). (ISPs are typically LIRs.)
Step 4. Each type of Internet Registry (IR) can assign a further subdivided range of addresses to the
        end user organization to use.        Reserved for use in documentation and example code.      Used for IPv6 to IPv4 relay (6to4 relay) (RFC 3068).       Benchmark testing for Internet devices (RFC 2544).

 To connect to the Internet, an Enterprise uses either default routes (+ redistribution) or
BGP (require much memory and processing power). BGP is the better choice when you have
multiple route and you would like to manipulate these routes.

 Outbound routing are routes that direct packets from Enterprise to Internet and inbound
routing are routes that direct packets from Internet to Enterprise. There are
                              One link/ISP                                 Multilinks/ISP

  One ISP      Single homed; suggest use static with       Dual homed; you can have multiple routers
               interface ‘null0’ for mismatched packets OR (one ASN) connect to a single ISP. This
               BGP with default route                      design provide redundancy and it’s
                                                           recommended to use BGP for other feature
Multiple ISP Single multihomed                              Dual multihomed

  Since BGP contains so many routes (the Internet), ISP gives you 3 options to receive
- Default route only: advertise only a default route to BGP
- Full update: ISP advertise the entire routing table
- Partial update: ISP send you some routes that would be shorter if reached from you and a
  default route for traffic that are better routed by ISP.

OSPF/EIGRP                                    BGP
Forms neighbor relationship before sending Forms neighbor relationship before sending routing
routing information                        information
Neighbors typically discovered using       Neighbor IP address is explicitly configured and may not
multicast packets on the connected subnets be on common subnet.
Does not use TCP                              Uses a TCP connection between neighbors (port 179).
Advertises prefix/length                     Advertises prefix/length, called Network Layer
                                             Reachability Information (NLRI.)
Advertises metric information                Advertises a variety of path attributes (PA) that BGP
                                             uses instead of a metric to choose the best path.
Emphasis on fast convergence to the truly    Emphasis on scalability; may not always choose the
most efficient route                         most efficient route.
Link state or distance vector logic          Path vector logic (similar to distance vector).

 ASN ranges from 0 to 65,535. BGP assigns 64,512 - 65,534 ASNs to be private. Being
private means this ASN connect to only one other ASN (sometimes multiple ASN) and these
ASNs can’t cause loop by themselves.
   Value    0                1 - 64,495     64,496 - 64,511     64,512 - 65,534        65,535

  Purpose   Reserved         Public ASN     Documentation       Private ASN            Reserved

Public ASNs are assigned by RIPE NCC and registered in RIPE database, private ASNs can be
removed on eBGP configuration by using ‘neighbor ebgp-neighbor-address remove-private-
as’ command.

 BGP peering is establishing using TCP port 179. Using TCP, a TCP segment is resend is
retransmission timer reaches 0. The far-end acknowledgement may be delayed up to a 1
second to determine if any data should be sent along with the acknowledgement.
 Because BPG uses TCP, it’s reliable and can perform error recovery. One of the is flow
control. Each BGP peer advertises its available buffer space to allow the far end of the
session to send only a specific amount of data to prevent overflowing.
 Underlying TCP session can be shown with ‘show tcp brief’

 Only one instance of BGP can be enabled in a router.

Path Attributes: AS_PATH

  Path attributes (PAs) are factors that allow BGP to select a route over another. By default,
no BGP PAs have been set, and BGP use AS_PATH (autonomous system path) PA when
choosing the best route among many routes.
  When a router uses BGP to advertise a route with AS_PATH, it will tell which list of ASN the
path will go through. AS_PATH can:
- Choose the best route by using the route with shortest AS_PATH
- Prevent routing loops.

  AS_PATH works by recording the ASN that it has passed. For instance, a route originated
from ASN 3 then flow to ASN 7 then 9 and arrives at ASN 1, it will have an AS_PATH of (3,
7, 9). BGP, by default, choose the route with the least amount of ASNs (distance vector).
  Loop is also prevented by ignoring route updates that contain the current AS’s ASN.
However, having duplicated ASN means ASN 3 can’t learn route to the duplicated ASN 3.

  BGP defines 2 kinds of neighbors: internal BGP (iBGP) and external BGP (eBGP). This is
used to refer to neighbors that are in the same ASN or different ASN.
  One difference is the update of AS_PATH, when advertising to an iBGP peer, no ASN is
added. When advertising to an eBGP peer, this AS’ ASN is added. All BGP connection can be
listed as either iBGP or eBGP.

 There are 2 types of routing:
- Hot-potato routing: traffic exit the AS via the closest exit point.
- Cold-potato routing: traffic exit the AS via the path closest to the destination. Optimal.


 BGP finite state machine (FSM) works as:
1. Router try to establish TCP connection with IP address configured in ‘neighbor’ command
   at well-known TCP port 179.
2. After 3-way handshake is complete, first BGP message send is the Open message, which
   contains parameters to be verified to establish neighborship.
3. After parameters match, and neighborship is formed, neighbors are in established state.
   Then Update messages can be send, which includes list of PAs and prefixes.
State          Typical Reasons
Idle           The BGP process is either administratively down or awaiting the next retry attempt. TCP
               session should be initiated by remote peer. Local route transition to Connect and begin
               listen for a connection initiated by the remote peer.
Connect        Trying to establish TCP session. If successful, local router send Open message and
               change to OpenSent. If not, local router resets the ConnectRetry timer and transition to
               Active state.
               If the timer reaches 0 while the local router is in the Connect state, timer is reset and
               another attempt is made. Router remain in Connect state.
Active         Try to establish TCP session. If successful, local router send Open message and change
               to OpenSent. If not, local router initiate another session, sets ConnectRetry timer to 0,
               and transition back to Connect state.
               If peering stop at this stage, it means TCP session attempts have been made by remote
               routers to connect from an unexpected IP address, causing the local router to refuse.
               Local router remain in Active state and resets ConnectRetry timer.
Opensent       The TCP connection exists, and a BGP Open message has been sent to the remote peer.
               Transition to OpenReceive state and wait for initial keepalive from peer to move into
               OpenConfirm state.
               If TCP session disconnect is received in this state, local router terminated BGP session,
               reset ConnectRetry timer, and transition back to Active State.
Openconfirm Open messages have been send and received. Local router send Keepalives to peer and
            wait for Keepalives from remote peer
Established    Achieved after receive Keepalive from peer. All neighbor parameters match, the
               neighbor relationship works, and the peers can now exchange Update messages.
 To verify neighborship, use ‘show tcp brief’ can display the underlying TCP connection.
 ‘debug ip bgp’ display intermittent BGP information.

  ‘neighbor IP_ADD shutdown’ command shut down the BGP neighbor and move the routers
to Idle state. Here are 4 types of messages send:
Message       Purpose                                                               EIGRP Equivalent
Open (1)      First message exchanged after TCP connection has established.         Hello
              Contain BGP version, ASN, hold timer (peers have same hold timer,
              value of the smaller hold time), BGP identifier, optional parameter
              length and optional parameter
Keepalive     Used to maintain peer. Contain only header. By default, hold timer is Hello
(3)           3 times keepalive interval. Update messages can also reset
              keepalive interval
Update (2) Used to exchange PAs and the associated prefix/length (NLRI) that        Update
           use those attributes. Each update contains a single set of path
           attributes and all NLRI that have the said path attributes. Also
           contain withdrawn routes.
Notification Used to signal a BGP error. Contain error code, error subcode, and     No direct equivalent
(4)          data.
  All BGP messages share the same header, composed of:
- 16 byte marker field: set to all 1s to detect a loss of synchronization.
- 2 byte length field: indicate total length of BGP message, range from 19 to 4096
- 1 byte type field: indicate different BGP messages in () in above table.

 Path attribute field in Update

 All prefixes, except those filtered by ‘neighbor IP_ADD route-map NAME in’, are listed in
the routing table for calculation.
Verification Step                                                     Command
List entire BGP routing table, under ‘Path’, you’ll see AS_PATH PA Show ip bgp
with the last ASN listed to the left. If an internal route is
displayed, it has ‘i'. ‘*’ means a valid route, and ‘>’ is best route
List possible default routes.                                         show ip bgp
List possible routes, per prefix.                                     show ip bgp prefix [subnet-mask]
List all possible route for each neighbor                             show ip bgp neighbors
List routes learned from one neighbor, before any inbound             show ip bgp neighbors ip-
filtering is applied.                                                 address received-routes
List routes learned from a specific neighbor that passed any          show ip bgp neighbors ip-
inbound filters.                                                      address routes
Lists routes advertised to a neighbor after applying outbound         show ip bgp neighbors ip-
filtering.                                                            address advertised-routes
List the number of prefixes learned per neighbor. State/pfxRcd        show ip bgp summary
refers to the state of the neighbor state, if established, it shows
the number of prefixes received from that neighbor.

eBGP neighborship

  To configure BGP, you need at least 2 commands:
- ‘(config)#router bgp ASN’
- ‘(config-router)#neighbor IP_ADD remote-as REMOTE_ASN’

  For BGP neighbor relationship to form,
- TCP connection between them MUST be established and both routers MUST have ‘neighbor
  remote-as’ to refer to the IP address of the interface for which TCP packets exit (when the
  exiting interface is not explicitly defined).
- The neighbors MUST be listed in ‘neighbor IP remote-as ASN’ command
- BGP RID MUST not be duplicated
- Md5 authentication MUST pass (if configured)

 BGP RID is established by
1) configuring ‘(config-router)#bgp router-id RID’. If not,
2) Use the highest numeric IP address of any up/up loopback interfaces at BGP initialization
3) Use the highest numeric IP address of any up/up normal interface at BGP initialization

 To configure authentication, use ‘(config-router)#neighbor IP_ADD password PASSWORD’
command on both routers in a neighborship. IP_ADD refers to the IP address of the other
router, while PASSWORD must be identical for neighborship to succeed.

  When multiple links exist between 2 BGP routers, and you would like to establish BGP
neighborship between them, there are 2 options:
- configure a connections for each physical interface; consumes bandwidth and memory.
- Configure connections using virtual (loopback) interfaces, which requires less bandwidth
  and memory and ensure the interface is always up/up.

To configure loopback interface for eBGP neighbors:
- ‘(config)#interface loopback NO’ -> ‘(config-if)#ip address IP_ADD’
- ‘(config-router)#neighbor IP_ADD remote-as ASN’, note that this is still the neighbor’s IP
- Tell the router it’s using a loopback interface by ‘(config-router)#neighbor IP_ADD update-
  source loopback NO’ where NO is the number configured in ‘interface loopback’. Now, you
  have specified the destination address and the source address of this neighborship.
- Make sure router has IP route to its neighbor’s loopback interface (usually through a
  physical interface by static route or IGP; remember to allow redundancy)
- Configure eBGP multihop with ‘neighbor IP_ADD ebgp-multihop TTL’ command. This
  command allow you to define the TTL field, which is default to 1. When sending segments
  directly between the 2 interfaces, this command is not needed. However, when using
  loopback interface, TTL decrease by 1, thus, the segment is discarded before it reaches
  the loopback interface. Configuring the value to 2 solves the problem.

 Using a loopback interface solves 2 problems:
1) If the connected port is down, the router can still send the packet without being
   interrupted because loopback interface is always up.
2) If the connected port is down, and another interface tries to reach the neighbor will be
   banned because the source address doesn’t match.

 The ‘neighbor’ command can be configured with ‘peer-group’ parameter, this allow one set
of command can be applied to all neighbors (either external or internal, not both) joining
the peer-group; thus, simplify configuration and reduce updates. ‘neighbor NAME peer-
group’ set a peer group with NAME, then ‘neighbor IP_ADD peer-group NAME’ can assign
that neighbor to that peer-group, note that neighbor must have ‘neighbor remote-as’ set.

Network command

  Be default, BGP uses ‘no auto-summary’ command.
  BGP’s ‘network PREFIX mask SUBNET_MASK’ command cause the route stated to match
any routes from the list of prefix/length received; the match MUST be exact. If a match is
found, the route is put into the local BGP table.
  Note: this prefix MUST be a public address range.

 If you have several subordinate routes instead, you need to use manual summarization or
static route with null0 exit interface.
 If you omit ‘mask’ parameter, you get a classful network.
  If you use ‘network’ command without ‘mask’ and ‘auto-summary’ is also used, the route
will match:
- An exact route found in the routing table, OR
- Any subordinate routes

  Another method to distribute BGP route is by using redistribution. If you have a single
classful network, you only need to ‘redistribute’ follow that classful network.

 However, if you have multiple subordinate routes instead, you need to use ‘route-map’
parameter to include a prefix-list or ACL to match the range of routes you would like to
advertise. You can find them at ‘show ip bgp IP_ADD/CIDR longer-prefixes’ command.

  Nevertheless, if you have multiple subordinate routes that you would like to summarize
and advertise as a single route, you can:
- Use IGP summarization to create the route from the entire prefix
- Configure null0 static route for the entire prefix on the Internet-connected router
- Configure BGP route summarization by ‘(config-router)#aggregate-address IP_ADD MASK
  [summary-only][as-set]’ command. Using ‘summary-only’, the subordinate routes will be
  suppressed of advertisement and they will show ‘s’ as their designation. Using ‘as-set’, all
  the AS passed will be recorded. A ‘null0’ exit interface is also recorded

iBGP neighbor relationship

 iBGP neighbors are also established by ‘router bgp ASN’ and ‘neighbor IP_ADD remote-as
ASN’, instead, the remote ASN is the same ASN as ‘router bgp ASN’

  Sometime, the iBGP neighbors won’t be in the same subnet due to their distance. At this
time, it’s recommended that you use loopback interface. The configuration is the same as
for eBGP except there is no restriction of TTL = 1 in iBGP neighbor relationship.

  When iBGP neighbors are directly connected, it only requires ‘neighbor remote-as’ and
‘route bgp’ command to form the neighborship.

  BGP: 1) advertise best route (with influence from the PAs) in Update message, 2) don’t
advertise iBGP-learned routes to iBGP peers (only external routes are advertised to iBGP
peer to prevent loops). Only the BGP router that has the external route will advertise the
external route, this prevents a BGP router from advertise the route back to where it come

 In BGP, the next-hop router doesn’t have to be in the same subnet as one of the router’s
IP address (e.g loopback interface); because BGP is not designed to work under this

  Next-hop IP address is not changed in Updates. If R1 (ASN 1) advertise to R2 (ASN 2)
with its loopback interface, and R2 advertise the route to R3 (ASN 2), the next-hop address
will still be the loopback IP address of R1. This situation would not cause any problem as
long as each router has an IP route that matches the next-hop IP address.

 The above solution is provided by having a route (static or dynamic) to the destination.
  Another solution is by using ‘neighbor IP_ADD next-hop-self’ command on both routers in
a neighbor relationship so the next-hop IP address change as needed. This way the router
would know how to forward the message. A drawback to this solution is the loopback
interface addresses, which also require a static or dynamic route to it for packets to be

  When advertising BGP routes for BGP routers not connected together, you may ran into
loops. To prevent BGP loop (in CCNP), you can use:
- Run BGP on some internal routers. Since BGP block internal routes from advertising back
  (so the route learning is just one way), one path will not allow other routers to learn. You
  need a full mesh design for it to work.
- Redistribute BGP routes into IGP (not recommended). Due to the large amount of routes
  to be processed in BGP, redistributing a default route and calculating the metric will be a
  big task and requires a lot of memory and processing power; it may even crash your

 Synchronization refers to the process of agreeing on whether to use an iBGP route will be
placed in the routing table. This decision is made by check whether an IGP route for the
same prefix exist as well. If not, the iBGP route will not be placed in the routing table. This
mechanism is used to prevent loops, make sure packets will arrive at correct destination,
and reduce unnecessary traffic.

  Sync is performed by ‘(config-router)#synchronization’ command.
  In later versions of IOS, this feature is off by default because redistribution between IGP
and BGP is not recommended. However, when BGP is implemented with MPLS, such
implementation is considered reasonable. Sync should also be turned off if
- All routers in the AS are running BGP
- All BGP routers inside AS are meshed
- When AS is not a transit AS.

BGP filter

 BGP can filter Update message per neighbor, and disable the filter by ‘reset’ command.
BGP can filter on prefix/prefix length, PAs, direction, and most importantly, per neighbor.
IGP often use one route map for an entire process instead.
BGP Subcommand         Commands       What Can Be Matched
neighbor distribute- access-list,   Prefix, with WC mask
list (standard ACL)  ip access-list
neighbor distribute- access-list,   Prefix and prefix length, with WC mask for each
list (extended ACL)  ip access-list
neighbor prefix-list ip prefix-list   Exact or “first N” bits of prefix, plus range of prefix lengths
neighbor filter-list   ip as-path     AS_PATH contents; all NLRI whose AS_PATHs are matched
                       access-list    considered to be a match
neighbor route-map route-map          Prefix, prefix length, AS_PATH, and/or any other PA matchable
                                      within a BGP route map
 One reason to use filtering is to prevent the Enterprise AS from becoming a transit AS for
which packets from one ISP to another should not have routed from.
 Outbound routes refer to routes from which packets from outside come in.
 Inbound routes refer to routes which packets send from this router to the outside.

 ‘show ip bgp neighbor IP_ADD advertised-routes’ can be used to check if route is

  For any changes can take place, you must use ‘clear ip bgp IP_ADD’ which is the IP
address of the neighbor; this command can perform a hard or soft reset. Other methods
include reloading the router and administratively shutdown a neighbor.

 A hard reset occurs when the local router 1) bring down the neighborship, 2) the
underlying TCP connection, 3) remove all BGP table entry learned from that neighbor.
 A soft reset occurs when 1) router doesn’t bring down the neighborship or TCP connection,
2) resend adjusted outgoing Updates, which then adjust the BGP table.

  A hard reset could
- take a long time to complete and interrupt routing in the interim
- Count as a flap and cause peers to disassociate themselves
- Force a full set of routing updates and could generate a lot of traffic.

  You can verify the command by
‘show ip bgp neighbor IP_ADD received-routes‘ (pre-filter) -> require ‘neighbor IP_ADD
soft-configuration inbound’
‘show ip bgp neighbor IP_ADD routes’ (post-filter) and ‘show ip bgp neighbor IP_ADD
advertised-routes’ (advertised in Update)

 To see pre-filtered BGP table, use ‘show ip bgp’ command

 Only extended ACL is can filter prefix/prefix length


 You can define many BGP PAs to adjust the path selection process, different PAs set
different criteria.
 Next_Hop PA defines the next-hop IP address of a route. Here are some PA:
PA              Description                                                     Enterprise Route
                                                                                Direction (Typical)
NEXT_HOP        Lists the next-hop IP address used to reach a prefix.           N/A
Weight[1]                                          16
                A numeric value, range 0 through 2 – 1, set by a router when    Outbound
                receiving Updates, influencing that one router’s route for a
                prefix. Not advertised to any BGP peers.
Local        A numeric value, range 0 through 232 – 1, set and                  Outbound
Preference   communicated throughout a single AS for the purpose of
(LOCAL_PREF) influencing the choice of best route for all routers in that AS.
AS_PATH         The number of ASNs in the AS_Path PA.                           Outbound, Inbound
ORIGIN          Value implying the route was injected into BGP; I (IGP), E      Outbound
                (EGP), or ? (incomplete information).
Multi Exit      Set and advertised by routers in one AS, impacting the BGP      Inbound
Discriminator   decision of routers in the other AS. Smaller is better.
Here is a general process of how BGP chooses its route. Step 9 - 11 is only used when there
is a tie, or the previous step can’t generate a clear winner.
Step Mnemon Short Phrase                   Which Is Better?
     ic Letter
0       N        Next hop: reachable?      If no route to reach Next_Hop, router cannot use this route.
1       W        Weight                    Bigger.
2       L        LOCAL_PREF                Bigger.
3       L        Locally injected routes   Locally injected ‘network’ is better than iBGP/eBGP learned.
4       A        AS_PATH length            Smaller.
5       O        ORIGIN                    Prefer I over E. Prefer E over ?
6       M        MED                       Smaller.
7       N        Neighbor Type             Prefer eBGP over iBGP.
8       I        IGP metric to Next_Hop Smaller. If no IGP is used, consider tied.
9                                          Oldest eBGP route
10                                         Route with lowest BGP RID
11                                         Route with lowest neighbor IP address
    BGP only choose one route as the best route (thus, no load balancing).

 Step 1, 2, 4, and 6 influence the outbound routes.

 Step 1, or Weight is not a BGP PA, but a Cisco feature. Weight can be selective, pre-
configured (per route, per neighbor, on the neighbor) to influence route selection process;
the biggest weight route is chosen. Weight can’t be learned through Update because no
such field is included. Weight value range from 0 to 65,535, 0 for learned routes, and
32,768 for locally injected routes.

 This is applied to all learned or injected (‘network’) routes (coming in, then leaving the
router) specified by ‘neighbor IP_ADD route-map NAME in’ (apply route map to particular
routes from particular neighbor), then ‘set weight’ followed by the weight.
 You can also set all weight values to all routes from one neighbor by ‘(config-
router)#neighbor IP_ADD weight VALUE’ command.

  Step 2, or Local_Pref PA is used to determine the best router (in the AS) to forward
packets that belong to a certain prefix. For instance, if R1, R2, and R3, belong in ASN 2 and
only R2 has external route to, while R1 and R3 learned this route from R2. In
this case, R2 can set its Local_Pref so that it becomes the favorable router for packets to
  By design, Local_Pref is set on R2 (using route-map) and then updated to R1 and R3 via
iBPG Update. Local-Pref is NOT updated to eBGP peer by default.

 Local_Pref has default value of 100, whereas it ranges from 0 to 4,294,967,295, with
higher values more favorable. The default value can be changed by ‘(config-router)#bgp
default local-preference’ followed by the value.
 This PA can also be set for a particular set of routes specified in the ‘neighbor IP_ADD
route-map NAME in’ command then ‘set local-preference’ subcommand, where the neighbor
is the eBGP from the ISP. This is because Updates for eBGP connection will not include
Local_Pref value.

 ‘show ip bgp IP_SUBNET/CIDR longer-prefixes’ show which route is older by placing its
entry later.

 Before the best BGP route is placed into the routing table, it still has to go through the IOS
Routing Table Manager (RTM). This is where AD comes into play, with eBGP having AD of 20
and iBGP having AD of 200.

  Step 4, AS_Path can be increased so that the route becomes less favorable to forward
packets through. This is done by a neighbor route map followed by ‘set as-path prepend’
followed by the ASN. If you would like to add 2 ASs, each has ASN 3, you can use ‘set as-
path prepend 3 3’. It’s recommended that you use the same ASN as that of the current AS
to prevent confusion.

  ‘show ip bgp rib-failure’ shows routes for which BGP has chosen the best route, but not
listed in the routing table (which is also known as routing information base, or RIB). This
can occur when BGP chooses its best route, but it’s not placed into the RIB because there is
another routing protocols presenting the same prefix and has a lower AD.

 BGP also has ‘maximum-paths’ command that allow tied routes (after step 8) to be
presented in the routing table. The number designate how many routes will be allowed.

 To control inbound routes, you can use multi-exit discriminator (MED). The Enterprise can
announce to the ISP a value (MED) that tell ISP which route to the Enterprise is the best.
The smaller the MED, the more favorable the route. This often occurs when there are
multiple routes. MED is set with ‘default-metric VAL’ command.

 iBGP routes within the AS decides which route (best) will accept traffic from the remote
AS. The range of MED is the same as Local_Pref, but the smaller, the better. This criteria is
set by ‘set metric’ in a outward route map.

Advantages of IPv6:

- 4 types of address assignments
- Built-in support for address renumbering, or the ability to change the public IPv6 prefix by
  advertising the current prefix with a short timeout and new prefix with longer lease life.
- Mobility, IPv6 hosts can roam between networks and retain their IP address without losing
  current application sessions.
- Dependent and independent public address space. ISP can assign public IPv6 address
  range (dependent), or company can register their own public address space (independent)
- Easy aggregation due to the large amount of addresses available
- No need for NAT/PAT
- IPsec built into IPv6 using extension header NH 50 to provide more security.
- Simple header: no need for header checksum, reducing overhead. A flow label is included
  to identify the packet flow, used with QoS; header size is fixed 320 bits, or 40 bytes and
  contain only always used fields.
- Extension headers (added between L3 and upper layer headers) indicate extended
  information. If not supported, router can ignore it, reduce processing time. Easily add
- No broadcast
- Capable of using IPv4 and at the same time due to transition tools
- Determine optimum fragmentation using MTU discovery. The source node of a connection
  will send a packet equal to its local link’s MTU. As this packet traverses the path toward its
  destination, smaller MTU devices will not fragment the packet and send a “packet too big”
  message back to the source indicating its MTU value and ask the source to send a new
  packet of that size in order to pass through. This process will continue until the destination
  is reached, and the rest of the packet will be send using that MTU size. This process
  repeats every 5 minutes. The MTU can be based on destination address, source address or
  flow label.
- Unlike IPv4, whichever router that receives a giant packet can fragment it, IPv6 only allow
  the source route to fragment the packet, therefore, one of 2 methods can be used: MTU
  discovery or set the size of IP packet equal or less than 1280 bytes (standard set by all)

 IPv6 addresses are divided into different geographic region called RIR (there are North
America, Central/South America, Europe, Asia/Pacific, and Africa), the summary address is
called registry prefix.
 Each RIR divide the big block and assign smaller blocks to different ISPs, these summary
routes are called site prefix.
 Then ISP assigns groups of address to different customers; this is called a global routing
prefix or site prefix.
 The company can further subnet the prefix, the subnetted prefix is called subnet prefix.
 Thus, by using summary routes, there can be a single IPv6 route for entire North America.

 IPv6 has no concept of classful address because it’s composed of a prefix + host part.
 IPv6 also doesn’t have zero and broadcast subnet, and use IP protocol number 41.

     Version = 0x06 [4 bits]            Class: for DSCP [8 bits]      Flow Label [20 bits]
 Payload Length: length of extra      Next Header: equivalent of IP Hop Limit: TTL [8 bits]
        header [16 bits]                  protocol field[8 bits]
   Source Address [16 bytes]                    Destination Address [16 bytes]
  There are 3 ways of representing IPv6 addresses:
- Preferred representation: writing full 128 bits
- IPv6 with embedded IPv4: 96 bits of IPv6 address and 32 bits of IPv4 address. There are
  IPv4 compatible IPv6 address and IPv4 mapped IPv6 addresses. Compatible address is
  used to establish automatic tunnel to carry IPv6 packets over native IPv4 networks;
  address = 96 bits of 0 + IPv4 address. Mapped address is used when the router is
  implementing dual stack; address = 80 bits of 0 + 16 bits of 1 + IPv4 address.
- Compressed representation: use :: and short writings


Method          Type     Prefix and length Host learned      Default router    DHCP
                         learned from...   from...           learned from...
Stateful        Dynamic DHCP Server         DHCP Server      Router, using NDP Stateful DHCP
Stateless       Dynamic Router, using NDP   Derived from MAC Router, using NDP Stateless DHCP
Static        Static     Local config       Local config     Router, using NDP Stateless DHCP
Static config   Static   Local config       Derived from MAC Router, using NDP Stateless DHCP
with EUI-64
  Stateful DHCP works like IPv4 DHCP except that router information must be learned by
neighbor discovery protocol, which is actually how all IPv6 hosts use to obtain router
information. Stateful refers to the tracking of addresses by DHCP server. Source address
= ::, this address is also used in neighbor discovery
  Another difference is that IPv4 uses broadcast, which is replaced by FF02::1:2 multicast
address in IPv6.

  Stateless autoconfig uses NDP to learn prefix/prefix length, and default router. Its obtains
DNS IPv6 address via stateless DHCP and obtain its host ID by adding FF:FE between the
middle of the device’s MAC address, achieving a format called EUI-64. Note that the 7th bit,
or global/local bit, it’s flipped when making EUI-64 address. 0 means locally assigned and 1
means globally assigned.
  Stateless autoconfiguration include 4 steps:
- Determine the interface ID (last 64 bits of IPv6 address)
- Determine link-local IPv6 address
- Determine if other hosts are used the same address using DAD
- Determine global IPv6 address.

 Stateless DHCP, is used along with stateless autoconfig to provide DNS information.

  Static configuration can take place by either configuring the entire 128-bit of the address,
of by configuring the first 64 bit and configure the device to use EUI-64 format. Router
information can be supplied by NDP, while DNS info can be supplied by stateless DHCP.

 NDP is a feature of ICMPv6. During request for IP information, NDP hands out information
by asking the router to multicast all known IPv6 prefixes and the IPv6 address of default
gateway. These information are distributed via ICMPv6 messages called
- Router Solicitation (RS, ICMP type 133) is send by a host requesting router information;
  the destination address is FF02::1
- Router Advertisement (RA, ICMP type 134) is the reply to RS message by one router
  listing it’s known prefixes, this message is send back to all IPv6 nodes at FF02::1. This
  also include DHCP server information is one present.
Note: if RA can’t be received, the device multicast DHCP solicit message to FF02::1:2 to
obtain information. Cisco routers doesn't support much DHCPv6 functionality, so you will
need specialized DHCP server to do the job if your IPv6 network grows.

   Type [8 bits]       Code [8 bits]                       Checksum [16 bits]
                                       Message [32 bits]
ICMPv6 Type 1                       2              3             128          129
Description Destination Unreachable Packet Too Big Time Exceeded Echo Request Echo Reply
Code           0                       3                               8        11
Description    Echo Reply              Destination Unreachable         Echo     Time Exceeded

 When a host needs to send some message, it’ll look in the neighbor database for a list of
known neighboring IPv6 address and their corresponding MAC address. If not found, use
NDP to discover MAC address. This time, NS (request, ICMP Type 135) and NA (reply, ICMP
Type 136) ICMPv6 messages are used instead to search for MAC address.
 NS message use a destination address called solicited node multicast address (this address
will not across different broadcast domain), which represents all hosts with the same last 24
bits and use FF02::1:FF00:0/104 range. Thus, only hosts/routers whose last 24 bits (6 hex
digits of 32 digits) match will receive the message. Note that counting from right to left, the
24th bit should ALWAYS be 0. Thus, if the last 6 digit of your IPv6 address is AB:5004, the
solicited node address is FF02::1:FF:2B:5004.

  Duplicate Address Detection (DAD) is performed when an IPv6 address is first set up. This
is used to prevent hosts from creating problems by trying to use the same IPv6 address. It
uses the solicited node multicast address to send NS message. If a host reply with the same
address as this host, then a duplicate address exist. In IPv4, this is gratuitous ARP.

  Inverse neighbor discovery (IND) uses INS and INA messages; it’s the equivalent of
inverse ARP in IPv4. This protocol is used to deal with WAN protocol such as Frame Relay.
The INS message lists 1) source IPv6 address, 2) destination IPv6 address (FF02::1
multicast), 3) MAC addresses, 4) request to reply with your IPv6 address.

 ‘(config-if)#ipv6 nd’ is used to configure NDP

 NDP can perform L2 address resolution, router discovery, local prefix discovery, address
autoconfiguration, link parameter discovery, next-hop determination, neighbor and router
reacheability detection, duplicate address detection, and redirects.

Types of IPv6 addresses and some protocols

  Link local addresses are unicast address used to send IPv6 packets on the same segment;
it doesn’t change even if global unicast change. NDP (or ARP in IPv4), and next-hop IPv6
address, are all link local. Link local address start with FE8, FE9, FEA, or FEB::/10, bit 11 to
64 are 0, and the rest 64 bits are EUI-64.
  Address is automatically created with ‘(config)#ipv6 unicast-routing’ and ‘(config-if)#ipv6
enable’. You can also create it with ‘(config-if)#ipv6 address IPV6_ADD link-local’ in addition
to the previous commands.
 A link local address is also created for every unicast and anycast address.

 Site local is the equivalent of IPv4 private address, it must be created manually. It’s non-
routable, and start with 1111111010/10, with 11th to 64th bits as prefix, and the remaining
as EUI-64.

 Global unicast address refer to those address whose first hexadecimal digit is 2 or 3 with
CIDR > /3.

 ::/128 is called unknown address, this address is used by a host when it doesn’t know
what suitable IPv6 address to use (like when you can’t get DHCP or APIPA working in IPv4)

 ORCHID is a range of IPv6 address for cryptographic purpose; it uses 2001:0010::/28.

 All multicast address start with FF::/8, the 9-12 bit indicate when the address is
permanent [00] or temporary (experimental)[01]. Bit 13 to 16 represent the scope of the
address, which replaces TTL. Here are some possible scopes:
Type of Scope     Interface-local Link-Local Subnet-Local Admin-Local Site-Local Organization Global
Binary            1               10         11           100         101        1000         1110
Hexadecimal Value 1               2          3            4           5          8            E

Here are some reserved address:
 IPv6    FF02::1     FF02::2    FF02::5, 6     FF02::9    FF02::A      FF02::1:2    FF05::1:3 FF05::101

 IPv4    Subnet      N/A, 6 N/A               N/A           N/A
  Goal   All IPv6    All IPv6   OSPF           RIP-2      EIGRP        DHCP relay DHCP            All NTP
         nodes       routers                                           agent      server          server
IGMP functionality is integrated into ICMPv6, which is renamed to multicast listener
discovery. Multicast address = 96 initial bits + 33:33 + 32 lower bits of MAC address

 Anycast address is assigned to a group of server performing the same function (one can
replace other), so that the task will reach the closest server.

 IPv6 hosts/routers may have 2 or more addresses since each address also have a link local
address. Multiple global unicast address may also be used to prevent secondary IP

 Unique local IPv6 address is a type of IPv6 unicast address that always start with FD. The
next 40 bits can be randomly assigned by engineers followed by 16 bits of subnet space.
The interface ID can then be assigned statically or using EUI-64.
 Unique local is the equivalent of private address in IPv4.

Configuring IPv6 address
Command                                Description
ipv6 address address/length            Static configuration of the entire IPv6 unicast address.
ipv6 address prefix/length             Static configuration of the first 64 address bits; the router
eui-64                                 derives the last 64 bits with EUI-64.
ipv6 address autoconfig                Router uses stateless autoconfig to find address.
ipv6 address dhcp                      Router uses stateful DHCP to find address.
ipv6 unnumbered interface-type Uses the same IPv6 unicast address as the referenced
number                         interface.
ipv6 enable                       Enables IPv6 on the interface, and automatically obtain a
                                  link local address.
ipv6 unicast-routing              Enable IPv6 routing
ipv6 address address link-local   Overrides the automatically created link local address. The
                                  configured value must conform to the FE80::/10 prefix.
ipv6 address address/length       Designates that the unicast address is an anycast.
Show ipv6 interface               Display related info such as address, ND, and ICMP
Show ipv6 route                   Display routes using IPv6
Show ipv6 neighbor                Display neighbor table = ARP table in IPv4
Debug ipv6 nd                     Debug NDP activity
Show ipv6 router                  Display cache of received RA message with neighbor’s link
                                  local address and advertised prefix

 IP Unnumbered interface allow one interface to use the IP address of another interface.
The unnumbered interface (debtor) must be a point-to-point network type, in other words, a
serial interface. It’s suggested to borrow the IP address from a loopback interface
(borrower) because it’s always up.
 If the borrower is down, the debtor is also down. The debtor interface can’t be remotely
 To configure example, use ‘int s0/0’ -> ‘ip unnumbered loopback 0’
 Normally, a routing update would use the source address of the update as the next-hop
address. When using IP unnumbered, this would cause a confusion. The solution is to install
the outgoing interface instead of a next-hop address.
 Traffic going to the IP address co-owned by the debtor and borrower will be processed by
the borrower of the address
 IP unnumbered works well (subnet or not) in DV and EIGRP but not OSPF.

Changes in routing protocol

  All IPv6 routing protocols can advertise a network by enable the routing process on the
interface configuration mode in addition to the ‘network’ command in router configuration
mode. Note that only one method can be used at a time.
  When configuring static routes, it recommended to use link local addresses instead
because redirect messages may not work.
  When specifying the default route, you must specify the exit interface along with next hop

 RIP next generation, or RIPng, is the IPv6 version RIP.
Feature                                                       RIP-2             RIPng
RIP messages use these Layer 3/4 protocols                    IPv4, UDP         IPv6, UDP
UDP Port                                                      520               521
Default Administrative distance                               120               120
Supports VLSM                                                 Yes               Yes
Can perform automatic summarization                           Yes               N/A
Loop prevention mechanisms                                        Yes             Yes
30 second periodic full updates                                   Yes             Yes
Metric meaning infinity                                           16              16
Supports route tags                                               Yes             Yes
Form Neighbor adjacency                                           No              No
Multicast Update destination                                   FF02::9
Authentication                                                    RIP-specific    uses IPv6 AH/ESP

 To enable RIPng, use the following steps:
Step 1. Enable IPv6 routing with the ipv6 unicast-routing global command.
Step 2. Enable RIPng using the ipv6 router rip name global configuration command. The name
        must be unique on a router but does not need to match neighboring routers.
Step 3. Enable IPv6 on the interface, typically with one of these two methods:
        Configure IPv6 unicast (config-if)#ipv6 address address/prefix-length [eui-64]
        Configure ipv6 enable command to derive router’s link local address.
Step 4. Enable RIP on the interface with ‘(config-if)#ipv6 rip name enable’ (where the name
        matches the ipv6 router rip name global configuration command).

  For any interface on which RIPng is enabled, RIP process does:
1- Start sending/receiving (processing) RIP update from that interface at UDP 521
2- It advertised about its connected routes on that interface. This doesn’t include any link
local address or local host routes (which are routes with /128 prefix)
Function                                   IPv4                          IPv6
All routes                                 Show ip route                 Show ipv6 route
All RIP learned routes                     Show ip route rip             Show ipv6 route rip
Details on the routes for a specific prefix Show ip route subnet mask Show ipv6 route prefix/length
Interfaces on which RIP is enabled         Show ip protocols             Show ipv6 protocols
List of routing information sources        Show ip protocols             Show ipv6 rip next-hops
Debug that displays sent and received      debug ip rip                  debug ipv6 rip
‘L’ means a link-local address.

 When using RIPng along with Frame Relay, make sure you create static map.

 EIGRP for IPv6 differs from EIGRP for IPv4 by
Feature                                                    EIGRP for IPv4         EIGRP for IPv6
Advertises routes for...                                   IPv4                   IPv6
Layer 3 header protocol type                               88                     88
UDP Port                                                   N/A                    N/A
Uses Successor, Feasible Successor logic                   Yes                    Yes
Can perform automatic summarization                        Yes                    N/A
Uses triggered updates                                     Yes                    Yes
Uses composite metric, default = bandwidth + delay         Yes                    Yes
Metric meaning infinity                                    232
                                                                 −1               232 − 1
Multicast Update destination                                FF02::10
Authentication                                            EIGRP-specific        Uses IPv6 AH/ESP

 To configure EIGRP for IPv6, use:
Step 1. Enable IPv6 routing with (config)#ipv6 unicast-routing
Step 2. Enable EIGRP with (config)#ipv6 router eigrp ASN where ASN range is {1 – 65535}.
Step 3. Enable IPv6 on the interface, typically with one of these two methods:
        Configure IPv6 unicast (config-if)#ipv6 address address/prefix-length [eui-64]
        Configure ipv6 enable to derive router’s link local address.
Step 4. Enable EIGRP with (config-if)#ipv6 eigrp asn interface subcommand (where ASN matches
        (config)#ipv6 router eigrp asn).
Step 5. Enable EIGRP for IPv6 with (config-router)#no shutdown command
Step 6. If no IPv4 EIGRP RID has been automatically chosen, configure an EIGRP RID with (config-
        router)#eigrp router-id RID this RID must be 32-bit long

 In EIGRP for IPv6, the neighbors are not required to be in the same primary/secondary
subnet to form neighborship. Here are some command comparison for EIGRP
All routes               show ip route                           show ipv6 route
All EIGRP learned routes show ip route eigrp                     show ipv6 route eigrp
Details on specific routes show ip route subnet mask             show ipv6 route prefix/length
Interfaces on which       show ip protocols                      show ipv6 protocols
EIGRP is enabled, plus
metric weights, variance,
redistribution, max-
paths, admin distance
List of routing          show ip protocols ... eigrp             show ipv6 eigrp neighbors
information sources      neighbors
Hello interval           show ip eigrp interfaces detail         show ipv6 eigrp interfaces detail
EIGRP database           show ip eigrp topology [all-links] show ipv6 eigrp topology [all-
Debug that displays sent debug ip eigrp notifications            debug ipv6 eigrp notifications
and received Updates

 OSPFv3 is the IPv6 version of OSPFv2
Feature                                                        OSPFv2         OSPFv3
OSPF messages use this layer 3 protocol                        IPv4           IPv6
Process to choose RID, compared to OSPFv2                      Same           Same
LSA flooding and aging compared to OSPFv2                      Same           Same
Area structure compared to OSPFv2                              Same           Same
Packet types and uses compared to OSPFv3                       Same           Same
LSA flooding and aging compared to OSPFv2                      Same; 30 min   Same; 30 min
RID based on highest up/up loopback IPv4 address, or           Yes            Yes
highest other IPv4 interface address?
Uses interface cost metric, derived from interface bandwidth   Yes            Yes
Metric meaning infinity                                         216 − 1           216 − 1
Supports route tags                                             Yes               Yes
Multicast–all SPF routers                                      FF02::5
Multicast–All Designated routers                               FF02::6
Authentication                                                  OSPF-specific     Uses IPv6 AH/ESP
Neighbor checks compared to OSPFv2                              Same              Same, except no
                                                                                  “same subnet” check
Multiple OSPF instances per interface                           No                Yes
Header size                                                     24 bytes          16 bytes
 OSPFv3 defines interfaces that are connected to the same link rather than a subnet and
remove address dependency.
 OSPFv2 drops unknown LSA, whereas OSPFv3 forwards them.
 Neighbors in OSPFv3 are always identified by RID whereas in OSPFv2, neighbors identify
themselves using RID on PtP and virtual links while IPv4 interface address on broadcast,
point-to-multipoint and NMBA links.

  Link State Type is now 16 bits instead of 8 bit Options and 8-bit LS Type. 3 more bits are
added to the LSA Type field for which there is an U bit. If U bit = 0, router doesn’t forward
the LSA, so the LSA practically have only link-local flooding scope. If U bit = 1, router
forward the LSA.
  Other bits include S1 and S2, together, indicate the scope of the LSA
S2    S1      Flooding Scope
0     0       Link-local scope (flooded only on the link the LSA is originated on)
0     1       Area scope (flooded to all routers in the area the LSA was originated in)
1     0       AS scoping (flooded to all routers in the OSPFv3 domain)
1     1       Reserved

Here is a list of corresponding OSPFv2 and v3 LSAs:
OSPFv T1    T2     T3 Network T4 ASBR    T5 AS-   T6 Group T7 NSSA *     *          *
2 LSA Route Netwo Summary Summary external membershi External
      r LSA rk LSA LSA        LSA        LSA      p LSA     LSA
OSPFv 2001 2002 2003 Inter- 2004 Inter- 4005 AS- 2006 Group 2007 T7 0008 2009       A00a
3 LSA Route Netwo Area Prefix Area       external membershi LSA     Link Intra-Area Intra-Area-
      r LSA rk LSA LSA        Router LSA LSA      p LSA             LSA Prefix LSA TE LSA

  One of the LSA is Link LSA, which has link-local scope and used to convey local router’s
link local address, list of IPv6 prefixes of local router, and a set of Options associated with
Network LSA. The Options field include:
- Propagate bit used to translate T7 to T5 LSA
- MC bit used to include prefix should be included in multicast routing calculation
- LA bit, when set, indicate the advertised prefix is an interface address of local router
- NU bit, when set, indicate the prefix should be excluded from unicast route calculation.

 Same as EIGRP, OSPFv3 doesn’t require neighbors to be in the same subnet. OSPFv3 can
support multiple instances of OSPF, but RID is still based on IPv4 address. Here is how to
configure OSPFv3
Step 1.       Enable IPv6 routing with (config)#ipv6 unicast-routing
Step 2.       Create an OSPFv3 routing process using (config)#ipv6 router ospf process-id
Step 3.     Enable IPv6 on the interface, typically by configuring static IPv6 addresses as follows:
            Configure IPv6 unicast with (config-if)# ipv6 address address/prefix-length [eui-64]
            Configure ipv6 enable to derive router’s link local address.
Step 4.     Enable OSPFv3 on the interface with (config-if)#ipv6 ospf process-id area area-number
Step 5.     If no OSPF RID has been automatically chosen, configure an RID with (config-
            router)#router-id RID.
Step 6.     Create a static neighbor with ‘(config-if)#ipv6 ospf neighbor IPV6_ADD’
            Change the network type with ‘(config-if)#ipv6 ospf network TYPE’
 You can also shutdown a process by ‘(config-router)#shutdown’ but since the process is up
be default, you don’t need to include this.

 LSA type 1 and 2 advertise 32-bit ID instead of route prefixes. LSA Type 3 address prefixes
are stored as ‘prefix, option, and prefix length’ instead of ‘prefix wildcard-mask’ in OSPFv2.
All OSPF-learned routes               show ip route ospf            show ipv6 route ospf
RID, Timers, ABR, SPF statistics      show ip ospf                  show ipv6 ospf
List of routing information sources   show ip protocols             show ipv6 ospf neighbor
                                      show ip ospf neighbor
Interfaces assigned to each area      show ip protocols            show ipv6 protocols
                                      show ip ospf interface brief show ipv6 ospf interface brief
OSPF interfaces–costs, state, area,   show ip interface brief       show ipv6 interface brief
number of neighbors
Detailed information about OSPF       show ip ospf interface        show ipv6 ospf interface
Displays summary of OSPF              show ip ospf database         show ipv6 ospf database
When configuring Frame Relay, remember to use static map.

IS-IS for IPv6

 IS-IS added 2 TLVs to support IPv6, IPv6 Reachability TLV and IPv6 Interface Address
 The IPv6 Reachability TLV is used to describe network reachability such as the IPv6 routing
prefix, metric information and some option bits. The option bits indicate the advertisement
of the IPv6 prefix from a higher level, the distribution of the prefix from other routing
protocols (i.e. route redistribution), and the existence of sub-TLVs.
 IPv6 interface address contain an IPv6 interface link-local address.

 After ‘router isis’ and ‘net’ command, you need an additional ‘address-family ipv6’
command. And use ‘ipv6 router isis’ instead of ‘ip router isis’.
 ‘(config-router)#no adjacency check’ command can be use to prevent neighborship
between IPv4 and IPv6 routers being torn down.

BGPP4+ for IPv6

  Also known as MP-BGP, the next-hop attribute is now defined in IPv6 address. ‘(config-
router)#neighbor IPV6_ADD update-source [INT]’ must now be configured for BGP peering.
  If you are running MP-BGP in an IPv6-only network, use ‘(config-router)#no bgp default
ipv4-unicast’ command.
  ‘(config-router)#bgp router-id’ also must be configured.
Redistribution and static routes

 IPv6 redistribution does not take connected routes into account by default, to do this, you
need to add ‘included-connected’ parameter in the end of the command. On the other hand,
IPv4 redistribution take IGP and connected routes into the process.
 ‘metric’ parameter also allow the engineer to set the metric of the route to the destination
routing protocol.

 For OSPFv3, no ‘subnets’ parameter because IPv6 redistribution doesn’t recognize classful
 Local routes (/128) are ignored.

  IPv6 static route can be set by ‘(config)#ipv6 route PREFIX/LENGTH [OUT_INT]
NEXT_HOP_ADD [AD] [tag VALUE]’ command.
  Note that the next hop IP address can be any IPv6 address, but if you wish to use the link
local address of the next hop router, you must indicate the outgoing interface as well.

 An IPv6 mobile node has a home address on its home network and a care-of address on its
current network. A node communicating with a mobile node is called a correspondent node
of the mobile node. The association between the home address and the care-of address of a
mobile node is known as a binding. When a mobile node roams away from its home
network, it sends a binding update to its home agent, a router on its home network. There
are two ways that a mobile node and a correspondent node can communicate—via the home
agent or directly.

  In the first case, packets from the correspondent node are routed to the home agent and
then tunneled to the mobile node. Packets to the correspondent node are tunneled from the
mobile node to the home agent and then routed normally from the home network to the
correspondent node.
  In the second case, when the mobile node first receives a packet from the correspondent
node, it sends a binding update to the correspondent node. Packets from the correspondent
node can then be routed directly to the care-of address of the mobile node and all traffic
flows directly between the correspondent node and the mobile node.

Migration and tunnel

 There are 3 major tools used for translation between IPv4 and IPv6, these include dual
stacks, tunneling, and NAT protocol translator (NAT_PT).

Dual stack

 Dual stack host has both IPv4 and IPv6 addresses that they use to communicate using
either one of the protocols. Dual stack router means the router not only have IPv4 and IPv6
address, it also implement IPv4 and IPv6 routing protocols.

 Dual stack it easy to implement because you only need to specify both the IPv4 and IPv6

 To forward IPv6 packets, the engineer use:
- Native IPv6: configure IPv6 on most or all interfaces and make all routers use a dual stack
- IPv6 tunnel: used in environments with both IPv4 and IPv6. Transport IPv6 packets across
  IPv4 network by encapsulating in an IPv4 packet.


 Tunneling is the process by which IPv6 packets are encapsulated in IPv4 packets. The first
router a dual stack host pass should be equipped with dual stack as well to encapsulate the
original packet inside an IPv4 packet. The last receiving router should also be equipped with
dual stack in order to to be able to read the message. There are point-to-point and
multipoint tunnels.

 A point-to-point IPv6 tunnel is implemented between 2 tunnel interfaces of 2 routers. Note
that this interface is in the direction that face the other router instead of facing the LAN.

  A point-to-multipoint IPv6 tunnel is like NMBA in Frame Relay, where every router’s tunnel
interfaces are connected at an unseen single point in the middle. The difficulty is that it
can’t use IGP, only relying on multiprotocol BGP or static routes. There are automatic 6to4
tunnel and ISATAP tunnels.

 Use point-to-point tunnel for frequent traffic, and point-to-multipoint for frequent ones.
Method      Type     Topology Advantages and Other Notes
Manually   Static    Pt-pt     Acts like a virtual point-to-point link, supporting IPv6 IGPs. Good for
Configured                     more permanent tunnels. Slightly less overhead than GRE.
GRE         Static   pt-pt     Generic Routing Encapsulation. Same advantages as previous row,
                               plus it can support other Layer 3 protocols over the same tunnel.
6to4        Dynamic Mpt        It may require less configuration than all other types when adding a
                               new site. Supports global unicasts, with some extra configuration.
                               Uses second and third quartets to store IPv4 address.
ISATAP      Dynamic Mpt        It easily supports global unicast addresses for all prefixes. Uses
                               seventh and eighth quartets to store IPv4 address.

  To configure MCT, you need to configure IPv4 addresses. Since MCT is point-to-point
topology, the source address of one router must match the destination address of another.
If multiple links exist, the routers should use loopback addresses (from a loopback
interface) instead.
  Note that tunnel interface is a virtual interface.

 To configure MCT,
1. ‘(config)#interface tunnel IDENTIFIER’ where the identifier can be almost any positive
2. Define source and destination address with ‘(config-if)#tunnel source {IPV4_ADD |
   loopback NUM}’ and ‘(config-if)#tunnel destination IPV4_ADD’; note that if you use a
   loopback interface 0, specify its address by ‘tunnel source loopback 0’
3. Define this as a MCT tunnel by ‘(config-if)#tunnel mode ipv6ip’

Note: when both routers have finished configuration, the tunnel should be up. A ‘show
interface tunnel’ should display the tunnel status. The encapsulation will be ‘TUNNEL’, tunnel
protocol/transport is ‘IPv6/IP’. You can also check with ‘show ipv6 interface tunnel’
 Previous to configuring MCT, the router should already have IPv6 addressing and routing in
place. The IPv6 address is necessary.

  Link local address on tunnel interface is that of FE80::/96 (link local) with the last 32 bits
in hexadecimal form of the source IP address (whether from loopback or else configured).

 The only configuration difference between GRE and MCT tunnel is GRE uses ‘tunnel mode
gre ip'; GRE is the default encapsulation on Cisco routers and thus, this command may not
even be needed.

 If 2 tunnels have a encapsulation mismatch, but the link status is still up/up. Here are
some difference between the 2. The 4 byte difference come from 4 byte GRE header.
                                                   Manual Tunnels          GRE
RFC                                                4213                    2784
Tunnel mode command                                tunnel mode ipv6ip      tunnel mode gre ip
Passenger MTU default                              1480                    1476
Supports IPv6 IGPs?                                Yes                     Yes
Forwards IPv6 multicasts?                          Yes                     Yes
Uses static configuration of tunnel destination?   Yes                     Yes
Supports multiple passenger protocols?             No                      Yes
Link local based on...                             FE80::/96, plus 32 bits IPv6 EUI-64, using first
                                                   from tunnel source      LAN interface’s MAC
                                                   IPv4 address            address

 Automatic 6to4 uses IPv6 address from 2002::/16 range,

 You can display related information using ‘show interface tunnel’, clear with ‘clear counters
tunnel TYPE NO’

 Another type of tunnel is called Teredo, which encapsulated IPv6 packets in IPv4/UDP
packet to prevent being changed and disrupt NAT operation.

 ISATAP treats IPv4 network as NBMA and allow IPv4 private network to incrementally
implement IPv6 without upgrading the network.


 These methods describe how same-protocol hosts (IPv4 - IPv4) and communicate with
each other. However, for IPv4 hosts to communicate with IPv6 hosts, or vice versa, you
need NAT protocol translation or NAT-PT.
 Static NAT-PT provides a one-to-one mapping of a single IPv4 address to a single IPv6
address (sounds like static NAT). There is also Dynamic NAT-PT, which uses a pool of IPv4
addresses to provide a one-to-one mapping with an IPv6 address. Finally, there is Network
Address Port Translation (NAPT-PT), which provides a many-to-one mapping of multiple IPv6
addresses to one IPv4 address and a port number.
 Remember that NAT-PT exchange the header instead of adding/removing the header.

 NAT-PT can translate many headers, such as IPv4, IPv6, TCP, UDP, ICMP, etc. It’s also
heavily involved in exchange between DNS and DNSv6 packets.

 The actual translation is done by stateless IP/ICMP translation (SIIT).

  Bump-in-the-API (BIA) and Bump-in-the-Stack (BIS) are NAT-PT implementations within a
host. BIA/BIS intercepts system calls to IPv4 functions and dynamically responds with IPv6
information, allowing, for example, a server to be converted to IPv6 without rewriting
applications. This approach will not work, however, for applications that embed IP addresses
in the payload, such as the file transfer protocol (FTP).
Branch design and WAN

Basic terminology

 Broadband Internet access technology refers to a class of high speed communication
methods that allow a device to access the Internet.

 PPP over Ethernet, or PPPoE, is a term describing the format of a frame that has a PPP
header between the Ethernet and IP header. This allow the ISP to identify a user and
maybe, track them. PPP over ATM (PPPoA) is implemented in DSL.

 ISR include 800, 1800, 2800, and 3800 family, plus 1900, 2900, and 3900s.
 Consumer routers such as linksys has the DCHP client/server, PAT/NAT built in, but it
Enterprise routers would require specific configuration for these function to work.

Connecting with IPsec

 For packets to pass from the branch to the Core via the unsafe Internet, security is
important. IPsec works by creating a tunnel between the branch office and Enterprise Core.

 The source and destination address use the private address of the networks, which is
encrypted and encapsulated in a IPsec header, then an IPv4 header. The outer header
contain the branch’s and Enterprise’s public address as source and destination address. The
Enterprise Core, of course, must be equipped with devices to decrypt the packets.

 Note that IPv4, in this case, is both used as transport and passenger protocol. The IPsec
header encapsulated may include various features depending on how the IPsec framework is

  IPsec can’t directly support IGP because it can’t forward multicast messages. However, you
can replace it with a GRE tunnel, which can:
- Act as a point-to-point link from Layer 3 perspective
- Support many passenger protocols other than IPv4
- Encapsulate/forward broadcast and multicast, thus, support IPv4 IGP
- Run through IPsec tunnel
- Not required to use floating static route

 If multiple connection between the 2 networks exist, and the engineer wish to use all of
them, s/he can just configure these methods to use the same routing protocol. This way,
the route can be manipulated to a desired state.

Connecting with DSL

 DSL utilize the phone line between the Telco and customer to provide Internet access by
employ different frequencies (it uses frequency higher than 4000 Hz; a filter is placed so we
don’t heard them while we talk on the phone). DSL is switched circuit.
 A DSLAM is placed at the telco office to separate the digital and analog data so each end
up where they are suppose to be.

 DSL uses ATM and PPP. ATM is used for transferring the data, data-link address, how to
pass L3 data, and identify the content (ATM header). PPP is most used for its CHAP
authentication (PPPoA header between ATM header and IP header).
 ATM uses PVCs (between DSL modem and ISP router) like Frame Relay and it’s data-link
address is also locally-significant. ATM uses 2-part address called virtual path identifier/
virtual connection identifier (VPI/VCI).
 ATM is a little more complicated than Frame Relay as it carries 53-byte cells. All data
needs to be 48-byte and plus the 5-byte header.

  DSL configuration include:
- Create a dialer interface (‘interface dialer IDENTIFIER’ command, responsible for PPP, such
  as CHAP, and address negotiation)
- Apply layer 3 and PPP configuration relates to DSL
- Apply ATM configuration to ATM interface
- Link ATM interface to dialer interface
- IP route forwards traffic out the dialer interface to trigger DSL encapsulation process.

  ATM interface is created by ‘interface ATM type/type’ command. VPI/VCI is applied by ‘pvc’
subcommand. ‘(config-if)3encapsulation aal5mux ppp dialer’ means PPPoA will be used and
this PVC will use the logic of a dialer interface.
  ‘dialer pool-member IDEN’ (in ATM interface) corresponds with pool configured in dial
interface with ‘dialer pool IDEN’, which teller the dialer interface that when ti needs to signal
a new connection, look for interface with ‘dialer pool-member IDEN’ configured.
  To tell router to learn its IP address from ISP using PPP, use ‘ip address negotiated’ at
dialer interface.

Connecting with VPN

  Other than IPsec, the following can also provide intra-network connection over the
- virtual tunnel interface, like GRE, but uses encapsulation without the GRE 4-byte header
- Dynamic multipoint VPN (DMVPN) create a multipoint VPN concept, less configuration to
  add to a new site.
- Group encrypted transport VPN (GETVPN), like DMVPN.

 When configuring GRE, you can ignore the ‘tunnel mode’ command, which allows you to
use IPv4 as passenger protocol

Multicast MAC and IP address

  A router doesn’t forward broadcast and multicast messages by default. These packets have
a TTL of 1. You can configure to allow broadcast to spread from one subnet to another using
‘ip directed-broadcast’. Multicast packets are routable.

 Multicast messages often uses UDP thus delivery is not guaranteed. Other areas require
different attention, security can be addressed by IPsec, and multimedia traffic can be
carried by RTP.

  Multicast MAC address always begin with 0100.5E and the 25th bit is always 0. This means
it’s not possible for the 7th hexadecimal digit to be equal or greater than 8. The rest of the
bits come from the last 23 bits of the corresponding IP address.
  However, this combination is not a not unique multicast address, 32 other addresses may
have the same multicast address (thus, have to check the destination IP address for sure).
This lead to the suggestion to use non-overlap Multicast IP address instead. is the multicast IP address to reach all hosts. Here are the types of multicast IP
Multicast Address Range      Multicast Address Mask   Description            Local Network Control Block            Internetwork Control Block     N/A                      Ad Hoc Block     N/A                      Unassigned              SDP/SAP Block   N/A                      Unassigned                Source Specific Multicast Block                GLOP Block   N/A                      Unassigned                Administratively Scoped Block
- Local network control block is reserved for local multicast transmission and will not be
  forwarded any further than local segment. TTL = 1. is all host, while
  is all IP routers. Routing protocol uses this block of address to advertise routing
  information. PIM uses, while IGMP uses
- Internetwork control block are used by network protocols when control messages need to
  be multicasted beyond the local network segment. TTL is the same as unicast packets
- Ad hoc block are assigned to applications that fall somewhere in between link local and
  internetwork control multicast group. Must be reviewed by IANA.
- SDP/SAP block is reserved for applications that send and receive multimedia session
  announcements using the SAP
- Source-specific multicast ( SSM (an extension of PIM) allow efficient data
  delivery in one-to-many (broadcast) communication. Also supported in IGMPv3.
- GLOP ( allocate 256 multicast IP address for each AS. First octet = 233,
  second and third octet = ASN in binary.
- Administratively scoped address ( used in private multicast domain. is reserved for site-local multicast and is for organization-
  local scope.

Here are some familiar multicast address:
Address        Group      All multicast-capable hosts on this segment.      All multicast-capable routers on this segment .      All Distance Vector Multicast Routing Protocol (DVMRP) routers on this segment.      All Open Shortest Path First (OSPF) routers.      All OSPF DR/BDR.      All Routing Information Protocol Version 2 (RIPv2) routers.     All Enhanced Interior Gateway Routing Protocol (EIGRP) routers.     All Protocol Independent Multicast (PIM) routers.     All Core Based Tree (CBT) routers.

Multicast solutions

  Multicast traffic, by default, are flooded out all ports, the hosts decide whether or not the
frame is for them. This is one efficient and wastes bandwidth, to mitigate this problem:
- Static MAC table entries for the multicast address, not a recommended solution for large
  amount of multicast address and frequent changes.
- Cisco group management protocol (CGMP) runs between switches and routers. It passes
  the MAC address of the requestor and the multicast group requested on to the switch.
  Then the switch check its CAM table and make a decision about which port is enabled to
  receive these frames.
- IGMP snooping perform the same process as CGMP but using IGMP. Cisco uses hardware
  to perform this because it’s too much burden for the software. IGMP snooping allows a
  switch to identify end systems that request multicast traffic and limit forwarding of a
  multicast address to specific ports. IGMP snooping is enabled by default, and can be
  manually disabled by the command no ip igmp snooping.

Versions of IGMP

 When a user wish to receive multicast messages from a certain multicast address, it sends
a special request to the local router. There are IGMPv1 (RFC 1112), v2 (RFC 2236) and v3
(RFC 3376). All devices can be reached at

 In version 1, to join a group, a host dynamically send a message called membership report
IGMP message to the router telling it which address this host wants to join. The multicast
message will be send with destination address unchanged.
 Because there is no leave process, if a host no longer wish to hear a multicast, it doesn’t
send membership report.

 Multicast routers must intercept all the multicast packets to receive the membership
reports and add hosts to the appropriate group. Every 60 seconds, the router (elected as
the querier or DR) send query to asking if hosts are still interested in receiving
updates. Only 1 host response is needed to maintain forwarding.
 If no membership report (from a host) for a current active multicast address has been
received for up to 3 queries (3 minutes), that host is pruned from the multicast address. If
this happens to all hosts, then the multicast group is discarded.
 Router doesn't record membership list for each multicast group, it only records which
multicast group are active on which interfaces. Verify with ‘show mroute'

  IGMPv2 improves on:
- Queries can be general queries ( or group-specific queries (for only one
  multicast group)
- Hosts can leave group dynamically by sending Leave Group message to all-router address
  ( Router respond with group-specific query asking if other hosts are still
  interested; this query is send once a second for 2 seconds. Interested host reply with
  membership report, if none is received, DR stop flowing multicast to this group.
- Querier election with the lowest IP address wins; re-election occurs 250 seconds after the
  DR is last heard. In v1, multicast routing protocol is responsible for that.
- Query-interval response time in maximum response time field, by default, 10 seconds,
  tells hosts how long after the query has been send that a host must reply. The value can
  increase on segment with many hosts.

  Hosts can join multicast group any time by sending an unsolicited report to the desired
multicast address. To see current active group, use ‘show ip igmp group’, which contains a
field called ‘Last Reporter’. If a device other than the last porter sends a leave message, the
router assume there are at least one user present. If the last reporter send a leave
message, the router sends a membership query to reduce latency.

 IGMPv3 add support for multicast source filtering. This means a host sends the router a list
of multicast address from which it would like to hear from. IGMPv3 is compatible with the
older versions of IGMP.

 IGMPv3 is primarily used for source-specific multicast (SSM). SSM is based on PIM sparse
mode, with a separate source-distribution tree for each source that is used within each

 To change IGMP version use ‘(config-if)#ip igmp version {1 | 2 | 3}’.
 To display what IGMP versions are used, check ‘show ip igmp interface’ command.
 ‘show ip igmp groups’ display the active groups in use. You can also use ‘show multicast
group igmp' command.
 To ask a router to join a multicast group, use ‘ip igmp join-group MULT_ADD’, you can
multicast ping with ‘mping’ command.
 You can view these statically-joined group with ‘ip igmp static-group’

 Another multicast protocol you may see is CGMP. It’s a Layer 2 protocol rather than ICMP,
which is layer 3. It works with switches to relay or stop the multicast. Routers receiving
ICMP messages translate it into CGMP and send it to switches at 0100.0CDD.DDDD (SNAP
value 0x2001) to implement.
Entry GDA [6 bytes]:         USA [6 bytes]: IGMP   Join/Leave [4 bits]: Meaning
      translated multicast   report device MAC     0 = join, 1 = leave
      IP group address       address
1     Multicast MAC          Client MAC            Join                  Add port to group
2     Multicast MAC          Client MAC            Leave                 Delete port from group
3     00-00-00-00-00-00      Router MAC            Join                  Assign router port
4     00-00-00-00-00-00      Router MAC            Leave                 Remove router port
5     Multicast MAC          00-00-00-00-00-00     Leave                 Delete group
6     00-00-00-00-00-00      00-00-00-00-00-00      Leave                 Delete all group

  Since Catalyst 4000 and 5000 family can act as a router and handle ICMP message using
‘(enable)set cgmp leave {enable | disable}’

Implementing multicast

  When multicasting, you need a path between the host and the server for the information
to pass through, this can’t be established by the server. The host must somehow know the
address of the server, which can be established by:
- Link such as email, or webpage
- Session directory (SD), an application that uses SDP to announce the address of the
  server. This application uses

Multicast routing protocol

  Implementing multicast require different logic and routing protocol than traditional packet
forwarding. These routing protocol include Multicast OSPF (MOSPF), Distance Vector
Multicast Routing Protocol (DVMRP), Center-Based Trees, Core-Based Trees, and Protocol
Independent Multicast (PIM). Cisco routers do not support Center- or Core-Based Trees and
support DVMRP only enough to redistribute routes. The only MOSPF command used in IOS
is one to turn off an annoying error message that comes from receiving MOSPF.

 Multicast routing protocols are also described as either sparse or dense. A dense multicast
routing protocol assumes that all hosts on all links are interested in the traffic and so floods
multicasts out all paths, only to have some paths ask not to receive the traffic. This could
succinctly be described as “bush out, prune back.” Sparse multicast routing protocols
assume that no one wants the traffic until they ask for it.

 Dense-mode protocols work better in LANs, where bandwidth is plentiful. Sparse-mode
protocols work better in WANs, where conserving bandwidth is critical.

  Reverse path forwarding (RPF) check every multicast packet the router receives on an
interface that the return traffic uses the same interface. The test is performed by looking up
the source address of the multicast packet in the unicast routing table and cross-reference
the exit interface of that address with the interface on which the multicast packet is
received. If match, the packet if forwarded to the recipient, if not, the packet is dropped.

 Multicast tree is a logical map of the nodes in a network. The multicasting server is the
root, but not all nodes, or branches will become destination for that multicast packet.
Multicast routes are written as (server-address, multicast-address).

  Multicast traffic is distributed by moving the traffic away from the source, along the RPF
paths. The path that multicast traffic travel upon is called a distribution tree. There are 2
types: shared and source-rooted.
  Shared trees define a common set of links over which all multicast traffic flows. Shared
trees are efficient and can be rooted at rendezvous points (RP). For each group, shared
trees have one (*, G) route (all sources within the group route the same way).
  Source-based trees take the shortest path from the source to the receiver, which is to say
each source has a separate set of routes associated with it. Source-based trees are more
complicated (and use more memory) but more efficient in terms of bandwidth.

Shared By:
Tags: CCNP Route